On Mon, Mar 2, 2015 at 11:02 AM, Mike Watson <
mike.a...@gmail.com> wrote:
> Hi Shawn,
>
> Thanks again for taking the time to help me.
> A quick background on what I am doing....I am trying to port some load
> testing scripts that worked with 2.4 to work with 2.8.5. The original
> developer was getting the xsrf token to pass into subsequent RPC calls to do
> actions on the gerrit server as a user. From what I can tell, the passing
> in of the token was done to mimic the user experience in the UI (i.e. the
> user doesn't log in before every operation in the UI).
OK. I think the load test will produce the same results, but it is
different code paths.
The cookie path is doing user authentication based on an in-memory
cache of known good cookies associated to user accounts.
Authentication is just looking that up and then comparing the XSRF
token from a special HTTP header also matches up.
Digest password based authentication requires an extra HTTP round trip
to bootstrap the authentication string that appears in the
Authorization header. The string is checked against a database record
that is cached in memory.
As for pulling the XSRF token out of the page, you have to load "/"
using a valid cookie and then pull out the <script> block and parse
the token from it. You need a regex against the HTML like:
/gerrit_hostpagedata\.xGerritAuth="(.*?)"/
> Our gerrit.config file has AUTH set for LDAP.
>
> I set the http password in my settings on the target gerrit server.
>
> I tried to use curl to list projects...using the digest authentication
> "/a"...
>
> The command I used was curl -v --user "name:password"
> http://<gerrit-server</a/projects/
>
> But I get an "HTTP/1.1 401Unauthorized" error. Not sure if that is because
> the gerrit.config has AUTH set for LDAP? Or something else I don't have
> configured properly?
Try adding --anyauth to the curl line.
> --
> --
> To unsubscribe, email
repo-discuss...@googlegroups.com
> More info at
http://groups.google.com/group/repo-discuss?hl=en
>
> ---
> You received this message because you are subscribed to the Google Groups
> "Repo and Gerrit Discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
repo-discuss...@googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.