Opened 9 years ago

Unable to login - even from browser

Reported by: Owned by: anonymous txcraig normal HttpAuthPlugin normal Thijs Triemstra 0.10

Description

I enable the plugin, but then when I test it by go to the /xmlrpc, trying to enter any username/password created by AccountManager plugin doesn't work.

comment:1 Changed 9 years ago by danigoldman

I've got the same issue over here.

comment:2 Changed 9 years ago by milesparker@…

I have the same issue..here are the relevant Trac.ini settings..

[account-manager]

[components]
acct_mgr.* = enabled
httpauth.filter.httpauthfilter = enabled
tracrpc.* = enabled
httpauth.* = enabled
acct_mgr.htfile.HtPasswdStore = enabled

[httpauth]


comment:3 Changed 9 years ago by Till <datenrecycling@…>

I had the same problem and found a solution:

Some part (FastCGI, AccountManager or HttpAuthPlugin) expects the authenthcation information in the HTTP_AUTHORIZATION Header.

But the information is stored in the Authorization Header.

Solution in the Apache2-Config:
Tell FastCGI to pass the Header:
FastCgiConfig -pass-header HTTP_AUTHORIZATION

RewriteEngine on
RewriteCond %{HTTP:Authorization} (.*)
RewriteRule .* - [E=AUTHINFO:%1]
RequestHeader add HTTP_AUTHORIZATION %{AUTHINFO}e env=AUTHINFO

comment:4 Changed 9 years ago by milesparker@…

Thanks for the diagnosis/solution. Unfortunately, I don't have access to my Apache config. Any ideas for working around this issue w/o editing config?

comment:5 Changed 9 years ago by Till <datenrecycling@…>

You could just write the config to an .htaccess file.

Unfortunately, this does not work for the FastCgiConfig, but maybe it is your lucky day and it works.

comment:6 Changed 9 years ago by anonymous

had the same problem while trying to force httpauth to all uris with "format=rss" on trac0.11.2.1 and accountmanager while using fgcid in apache2 and form based auth behind forced ssl.

bottomline: what Till describes above works fine, also with fcgid, just add

PassHeader HTTP_AUTHORIZATION


to the fcgid config

i also use the patch suggested in #3100

i think this should be better documented and closed

comment:7 follow-up:  8 Changed 8 years ago by tch

I had the same issue with WSGI:

Solution -

comment:8 in reply to:  7 ; follow-up:  9 Changed 8 years ago by Thijs Triemstra

Cc: Thijs Triemstra added; anonymous removed

I had the same issue with WSGI:

Solution -

Seems like this, and other suggestions in this ticket, should be documented on the plugin's frontpage, and then it can be closed?

comment:9 in reply to:  8 Changed 8 years ago by anonymous

Any ideas on how to get around this when using mod_python (No WSGI, FastCGI) etc. I am currently unable to use the Register and Change Password features of the AccountManager due to this.

Also, am I correct in thinking this is linked to 1390? I get the same error message when attempting to log in after having created a new user.

Relevant trac.ini section

[account-manager]
hash_method = HtPasswdHashMethod

[components]
acct_mgr.api.accountmanager = enabled
acct_mgr.htfile.htpasswdstore = enabled
acct_mgr.http.httpauthstore = disabled
acct_mgr.pwhash.htpasswdhashmethod = enabled
acct_mgr.web_ui.accountmodule = enabled
acct_mgr.web_ui.emailverificationmodule = disabled
acct_mgr.web_ui.registrationmodule = enabled
httpauth.* = enabled


comment:10 Changed 8 years ago by mcburn

what is the solution without an apache2?

i try to connect with eclipse/mylin to http://.../trac/login/xmlrpc and i got this msg: Unable to authenticate with repository. Login credentials invalid.

and if i try it with a browser, the login prompt toggled and i have to cancel.

comment:11 follow-up:  12 Changed 8 years ago by daddy.cool.78@…

Having the same problem described here, I couldn't use the solution described. For whatever reason, I always finished with a error 500 on my server.

For the record, I'm using Dreamhost for server and I use a custom python to run the Trac.

For this to work, I added these line in my .htaccess file :

SetEnvIfNoCase ^Authorization$"(.+)" HTTP_AUTHORIZATION=$1


Didn't put them in any <if> or whatever, so I hope it can help some if you ever get on this page. With this config, EclipseWiki integration works. Finally

comment:12 in reply to:  11 Changed 5 years ago by anonymous

Having the same problem described here, I couldn't use the solution described. For whatever reason, I always finished with a error 500 on my server.

For the record, I'm using Dreamhost for server and I use a custom python to run the Trac.

For this to work, I added these line in my .htaccess file :

SetEnvIfNoCase ^Authorization$"(.+)" HTTP_AUTHORIZATION=$1


Didn't put them in any <if> or whatever, so I hope it can help some if you ever get on this page. With this config, EclipseWiki integration works. Finally

Brilliant, thanks for that. Worked perfectly for me on Dreamhost (trying to get it working so it connects to my Zend Studio).

comment:13 Changed 4 years ago by txcraig

Owner: changed from Noah Kantrowitz to txcraig new → assigned

I am adopting this plugin. Looks like there are some documentation updates needed and this can be closed.

Modify Ticket

Change Properties