Modify

Opened 17 years ago

Last modified 12 years ago

#2498 assigned defect

Unable to login - even from browser

Reported by: anonymous Owned by: txcraig
Priority: normal Component: HttpAuthPlugin
Severity: normal Keywords:
Cc: Thijs Triemstra Trac Release: 0.10

Description

I enable the plugin, but then when I test it by go to the /xmlrpc, trying to enter any username/password created by AccountManager plugin doesn't work.

Attachments (0)

Change History (13)

comment:1 Changed 17 years ago by danigoldman

I've got the same issue over here.

comment:2 Changed 17 years ago by milesparker@…

I have the same issue..here are the relevant Trac.ini settings..

[account-manager]
password_file = [path]/trac_sites/scoreabm.passwd
password_format = htpasswd

[components]
acct_mgr.* = enabled
httpauth.filter.httpauthfilter = enabled
tracrpc.* = enabled
webadmin.* = enabled
httpauth.* = enabled
trac.web.auth.LoginModule = disabled
acct_mgr.web_ui.LoginModule = enabled
acct_mgr.htfile.HtPasswdStore = enabled

[httpauth]
paths = /xmlrpc, /login/xmlrpc

comment:3 Changed 17 years ago by Till <datenrecycling@…>

I had the same problem and found a solution:

Some part (FastCGI, AccountManager or HttpAuthPlugin) expects the authenthcation information in the HTTP_AUTHORIZATION Header.

But the information is stored in the Authorization Header.

Solution in the Apache2-Config:
Tell FastCGI to pass the Header:
FastCgiConfig -pass-header HTTP_AUTHORIZATION

Add the additional header:
RewriteEngine on
RewriteCond %{HTTP:Authorization} (.*)
RewriteRule .* - [E=AUTHINFO:%1]
RequestHeader add HTTP_AUTHORIZATION %{AUTHINFO}e env=AUTHINFO

comment:4 Changed 17 years ago by milesparker@…

Thanks for the diagnosis/solution. Unfortunately, I don't have access to my Apache config. Any ideas for working around this issue w/o editing config?

comment:5 Changed 17 years ago by Till <datenrecycling@…>

You could just write the config to an .htaccess file.

Unfortunately, this does not work for the FastCgiConfig, but maybe it is your lucky day and it works.

comment:6 Changed 16 years ago by anonymous

had the same problem while trying to force httpauth to all uris with "format=rss" on trac0.11.2.1 and accountmanager while using fgcid in apache2 and form based auth behind forced ssl.

bottomline: what Till describes above works fine, also with fcgid, just add

PassHeader HTTP_AUTHORIZATION

to the fcgid config

i also use the patch suggested in #3100

i think this should be better documented and closed

comment:7 Changed 16 years ago by tch

I had the same issue with WSGI:

Solution -

Add WSGIPassAuthorization On

to your apache config for your site.

comment:8 in reply to:  7 ; Changed 16 years ago by Thijs Triemstra

Cc: Thijs Triemstra added; anonymous removed

Replying to tch:

I had the same issue with WSGI:

Solution -

Add WSGIPassAuthorization On

to your apache config for your site.

Seems like this, and other suggestions in this ticket, should be documented on the plugin's frontpage, and then it can be closed?

comment:9 in reply to:  8 Changed 15 years ago by anonymous

Any ideas on how to get around this when using mod_python (No WSGI, FastCGI) etc. I am currently unable to use the Register and Change Password features of the AccountManager due to this.

Also, am I correct in thinking this is linked to 1390? I get the same error message when attempting to log in after having created a new user.

Relevant trac.ini section

[account-manager]
hash_method = HtPasswdHashMethod
password_file = /path/to/htpasswd
password_store = HtPasswdStore

[components]
acct_mgr.admin.accountmanageradminpage = enabled
acct_mgr.api.accountmanager = enabled
acct_mgr.htfile.abstractpasswordfilestore = disabled
acct_mgr.htfile.htpasswdstore = enabled
acct_mgr.http.httpauthstore = disabled
acct_mgr.notification.accountchangelistener = enabled
acct_mgr.notification.accountchangenotificationadminpanel = enabled
acct_mgr.pwhash.htpasswdhashmethod = enabled
acct_mgr.web_ui.accountmodule = enabled
acct_mgr.web_ui.emailverificationmodule = disabled
acct_mgr.web_ui.loginmodule = disabled
acct_mgr.web_ui.registrationmodule = enabled
httpauth.* = enabled
trac.web.auth.loginmodule = enabled

comment:10 Changed 15 years ago by mcburn

what is the solution without an apache2?

i try to connect with eclipse/mylin to http://.../trac/login/xmlrpc and i got this msg: Unable to authenticate with repository. Login credentials invalid.

and if i try it with a browser, the login prompt toggled and i have to cancel.

comment:11 Changed 15 years ago by daddy.cool.78@…

Having the same problem described here, I couldn't use the solution described. For whatever reason, I always finished with a error 500 on my server.

For the record, I'm using Dreamhost for server and I use a custom python to run the Trac.

For this to work, I added these line in my .htaccess file :

SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1

Didn't put them in any <if> or whatever, so I hope it can help some if you ever get on this page. With this config, EclipseWiki integration works. Finally

comment:12 in reply to:  11 Changed 13 years ago by anonymous

Replying to daddy.cool.78@gmail.com:

Having the same problem described here, I couldn't use the solution described. For whatever reason, I always finished with a error 500 on my server.

For the record, I'm using Dreamhost for server and I use a custom python to run the Trac.

For this to work, I added these line in my .htaccess file :

SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1

Didn't put them in any <if> or whatever, so I hope it can help some if you ever get on this page. With this config, EclipseWiki integration works. Finally

Brilliant, thanks for that. Worked perfectly for me on Dreamhost (trying to get it working so it connects to my Zend Studio).

comment:13 Changed 12 years ago by txcraig

Owner: changed from Noah Kantrowitz to txcraig
Status: newassigned

I am adopting this plugin. Looks like there are some documentation updates needed and this can be closed.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as assigned The owner will remain txcraig.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.