I was looking for feedback just to know if somebody's been able to
setup XmlRpcPlugin and make it work with HTTP digest authentication .
I look forward to your reply . Thanks in advance !
--
Regards,
Olemis
Facebook => http://www.facebook.com/olemis
Twitter => http://www.twitter.com/olemislc (@olemislc)
Blog ES => http://simelo-es.blogspot.com
Blog EN => http://simelo-en.blogspot.com
Quora => http://www.quora.com/olemis
Youtube => http://youtube.com/user/greatsoftw
Featured article : Identificando números primos con expresión regular en Perl
http://feedproxy.google.com/~r/simelo-news/~3/BHr859OSndo/identificando-numeros-primos-con.html
Tweet: yo no puedo creer q haya pasado inadvertido el 1/2/12 12:12 ...
@elainediaz2003 no dijo na' ... OMG ! ... much more coming soon ;) #fb
Follow @olemislc Reply Retweet 12:59 Feb-01
Get this email app!
Get a signature like this. CLICK HERE.
:)
> There is no problem using the RPC plugin with digest auth - or any
> particular other auth for that matter. The RPC plugin just uses what
> it gets from Trac, and if Trac can authenticate then the plugin is
> fine with that.
>
> The real problem is that CLIENTS generally don't support digest auth,
> or any other particular auth mechanism other than lowest common
> denominator: Basic Authentication.
oh ! now I see .
> So something like Python xmlrpclib
> only supports Basic auth. However, if you were to build a custom
> client that provides its own authentication handlers, all should be
> fine. Other clients for other platforms like Java, .Net or whatever
> may support further mechanisms - including Digest. I don't know. But
> in the end it all depends on the client.
>
> If you configure a project with digest auth, you should have no
> problem using curl to make authenticated calls to a Trac /rpc handler.
> "man curl" for all details of curl options... :-)
>
Thnx for the pointer
;)
There is no problem using the RPC plugin with digest auth - or any
particular other auth for that matter. The RPC plugin just uses what
it gets from Trac, and if Trac can authenticate then the plugin is
fine with that.
The real problem is that CLIENTS generally don't support digest auth,
or any other particular auth mechanism other than lowest common
denominator: Basic Authentication. So something like Python xmlrpclib
only supports Basic auth. However, if you were to build a custom
client that provides its own authentication handlers, all should be
fine. Other clients for other platforms like Java, .Net or whatever
may support further mechanisms - including Digest. I don't know. But
in the end it all depends on the client.
If you configure a project with digest auth, you should have no
problem using curl to make authenticated calls to a Trac /rpc handler.
"man curl" for all details of curl options... :-)
What other plugins have you deployed ? There are a number of
interactions that can make this fails , especially if you are using
AccountManagerPlugin together with server (e.g. apache2) digest auth
handlers then check this out
http://trac-hacks.org/wiki/XmlRpcPlugin#ProblemswhenAccountManagerPluginisenabled
> $ curl --data '<?xml
> version="1.0"?><methodCall><methodName>wiki.getPage</methodName><params><param><value><string>SandBox</string></value></param></params></methodCall>'
>
> --header 'Content-Type: text/xml' --digest --user "$user:$password"
> --dump-header - 'http://localhost:8080/login/xmlrpc'
[...]
>
> It seems that the XmlRpcPlugin will return a 200 OK status code even if
> authentication is required.
Actually what (I think that) is happening there is that user
authentication succeeded but Trac did not not detect the REMOTE_USER ,
thus falling back to anonymous login .
> Shouldn't it send a different status code so
> curl known that it should send the authentication data to the server?
It should ...
- What's the HTTP server ?
- Digest auth is enabled , what about anonymous access ?
* If there's anonymous access to /login/... is forbidden then you'll
get expeted HTTP error status .
- Have you tried using an invalid password or non-existent user ?
- Digest auth is enabled , what about anonymous access ?
* If there's anonymous access to /login/... is forbidden then you'll
get expeted HTTP error status .
On 8/27/13, Feuermurmel <michi....@gmail.com> wrote:
> On Monday, August 26, 2013 6:16:45 PM UTC+2, olemis wrote:
>>
>> - Digest auth is enabled , what about anonymous access ?
>> * If there's anonymous access to /login/... is forbidden then you'll
>> get expeted HTTP error status .
>>
>
> Is it possible that the authentication work needs to be done by the HTTP
> server for XmlRpcPlugin to work?
>
[...]
Yes , of course . When account manager is deployed somehow you have to
specify that RPC requests will have to be touched by some digest auth
handler . That could be one of
- Server digest auth module ...
- trachacks:HttpAuthPlugin
Indeed I usually set the match for "^/login/.*" but that's up to you
to decide ...