Modify

Opened 16 years ago

Closed 16 years ago

Last modified 11 years ago

#3598 closed defect (worksforme)

XmlRpcPlugin doesn't work with AccountManagerPlugin.LoginModule

Reported by: anonymous Owned by: Alec Thomas
Priority: normal Component: XmlRpcPlugin
Severity: normal Keywords: XmlRpc AccountManager LoginModule
Cc: radist-hack@…, Olemis Lang Trac Release: 0.11

Description

I've installed both, disabled native trac's LoginModule and configured apache to use http authentication in /trac/[^/]+/login/xmlrpc only (but not in /trac/[^/]+/login) to use AccountManagerPlugin.LoginModule's login form. But xmlrpc client (VSTrac) returned 'Forbidden' error. I tried to configure apache to send authentication request for /trac/[^/]+/login, but achieved nothing except http-authentication in web-interface instead of html-form-based authentication (i.e., VSTrac still said 'Forbidden').


I don't know whether is this XmlRpcPlugin, or AccountManagerPlugin.LoginModule defect, or even trac's plugin api design defect. But it seems, AccountManagerPlugin.LoginModule accepts http-authentication, so I think, the problem is located in XmlRpcPlugin.

Attachments (0)

Change History (3)

comment:1 Changed 16 years ago by osimons

Resolution: worksforme
Status: newclosed

As the XmlRpcPlugin docs (ie. wiki page) says, AccountManagerPlugin replaces authentication to use a forms-based login. Add HttpAuthPlugin to your list of plugins to help correct this for special needs like xmlrpc.

comment:2 in reply to:  1 Changed 11 years ago by Olemis Lang

Replying to osimons:

As the XmlRpcPlugin docs (ie. wiki page) says, AccountManagerPlugin replaces authentication to use a forms-based login. Add HttpAuthPlugin to your list of plugins to help correct this for special needs like xmlrpc.

JFTR , in recent versions of AccountManagerPlugin the only thing that is needed is to insert in TracIni

[account-manager]
environ_auth_overwrite = false

... and setup web server HTTP auth to force valid user for /login/.* paths . Nevertheless this will not work if you are running TracStandalone server because path to /login form will be matched and HTTP authentication enforced as well .

comment:3 Changed 11 years ago by Olemis Lang

Cc: Olemis Lang added

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Alec Thomas.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.