Can't authenticate using API 2.0

19 views
Skip to first unread message

Colin Caughie

unread,
Nov 5, 2010, 3:29:04 AM11/5/10
to revie...@googlegroups.com
Hi,

I'm playing with the new ReviewBoard API with a test installation of RB 1.5, and can't seem to get basic authentication to work. I'm testing it just by typing "http://ourserver/api/info/" into Firefox, entering my username and password when it asks, but I keep getting 401 UNAUTHORIZED responses.

I've taken a Wireshark trace and it looks like the client is doing the right thing. Moreover I can log in fine using the normal login page, which seems to use a different mechanism. (After logging in from the login page I can access the API resources because it uses the cookie thereafter.)

Is there anything I need to do to get this to work?

Thanks,
Colin


Latest News at: http://www.indigovision.com/news2010.php

Christian Hammond

unread,
Nov 5, 2010, 4:09:28 AM11/5/10
to revie...@googlegroups.com
Hi Colin,

I just tried to repro it here, and it works fine. We'll have to do some investigation...

When you try this, is it with a fully-qualified domain, or just something more like "ourserver"? If the latter, see what happens when you try a FQDN or an IP address.

What type of authentication is being used on there? And what web server?

If the above doesn't work, it would help to set up a development install and to try it there in order to rule out the possibility of it being the web server.

Christian

--
Christian Hammond - chi...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com



--
Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to reviewboard...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en

Colin Caughie

unread,
Nov 5, 2010, 5:37:46 AM11/5/10
to revie...@googlegroups.com

Hi Christian,

 

Thanks for the speedy reply. I’ve tried with the FQDN and IP address as well as the plain hostname and I get the same result. The wireshark trace shows that it’s using Basic Authentication as described in the API docs. (I can send you the wireshark trace if you think it would help).

 

The server is running Apache 2.2.16 on Fedora 14. We imported all of the configuration and data from our 1.0.9 installation in order to test the new version.

 

It uses Active Directory as the authentication back-end. Could that be part of the problem? I changing my account to use a sha1 password instead but it made no difference.

 

Colin

 


scanned for viruses and spam by indigovision
If you consider this email spam, please forward to sp...@emailfiltering.com

Christian Hammond

unread,
Nov 5, 2010, 10:38:32 PM11/5/10
to revie...@googlegroups.com
Hi Colin,

Sorry for my subsequent less-than-speedy reply. Long day.

I don't know that AD would be the cause, but it's worth considering.

I would like to see the Wireshark trace, just to see if I can simulate the same problem. Feel free to just e-mail me that directly.

Thanks!


Christian

--
Christian Hammond - chi...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com


Jan Koprowski

unread,
Nov 6, 2010, 2:29:02 AM11/6/10
to revie...@googlegroups.com
Hi,

Few questions.
1) While rb-site install there is user created. Is authentication
login works fine for this user?
2) When You login as AD user: what do You see in logs when You login
using login page, and what if You use API?

--
><> Jan Koprowski

Colin Caughie

unread,
Nov 6, 2010, 5:53:49 AM11/6/10
to revie...@googlegroups.com
Hi Jan,

1) I couldn't tell you, it wasn't me who set up the server. I'll try to find out from my colleague who did.

2) When I log in using the login page using my AD password I see the following line repeated many times:

2010-11-06 09:50:10,143 - DEBUG - Search root dc=indigovision,dc=com

When I login using my SHA1 password, or type the wrong password, I see the following once:

2010-11-06 09:42:23,967 - WARNING - Active Directory: Failed login for user cfc

When I try to access the API URLs I don't see anything at all. Do I maybe need to increase the logging level?

Thanks,
Colin

> --------------------------------------------------------------------
> ----------------


> scanned for viruses and spam by indigovision

> If you believe this email is spam, please forward to
> sp...@emailfiltering.com

Colin Caughie

unread,
Nov 6, 2010, 10:53:01 AM11/6/10
to revie...@googlegroups.com
> > 1) While rb-site install there is user created. Is authentication
> > login works fine for this user?

> 1) I couldn't tell you, it wasn't me who set up the server. I'll try


> to find out from my colleague who did.

I got this information and tried again with the username and password that were set up during installation. Authentication failed in the same way as before.

Reply all
Reply to author
Forward
0 new messages