HTTP basic authentication not working in 2.5

89 views
Skip to first unread message

Ugo Bataillard

unread,
Sep 26, 2012, 12:33:23 PM9/26/12
to lif...@googlegroups.com

Hello everyone,

When switching to Lift 2.5 my basic http authentication doesn't happen anymore and I have no idea why. I just switched back to 2.4 to confirm that it doesn't come from anything else and this is the case.
Here is my code:

LiftRules.httpAuthProtectedResource.prepend {
       case Req("api"::"post"::_, _, PostRequest) => Full(AuthRole("user"))
}

LiftRules.authentication = HttpBasicAuthentication("api") {
            case (username, password, req) => {
                authService.login(username,password) match {
                    case Full(user) => {
                        userRoles(AuthRole("user"))
                        true
                    }
                    case _ => {
                        false
                    }
                }
            }
        }

Thank you in advance

Ugo

Diego Medina

unread,
Sep 26, 2012, 12:43:33 PM9/26/12
to lif...@googlegroups.com

Could you post a sample app showing this? Later tonight a can track down which change in lift broke this (please see the signature on this email for instructions).
Thanks

Diego

Diego
Sent from my android cell

--
--
Lift, the simply functional web framework: http://liftweb.net
Code: http://github.com/lift
Discussion: http://groups.google.com/group/liftweb
Stuck? Help us help you: https://www.assembla.com/wiki/show/liftweb/Posting_example_code
 
 
 

Ugo Bataillard

unread,
Sep 26, 2012, 9:15:31 PM9/26/12
to lif...@googlegroups.com
Hi Diego,
Thank you for your quick answer, I'll try that this afternoon.

Diego Medina

unread,
Sep 26, 2012, 9:17:57 PM9/26/12
to lif...@googlegroups.com
On Wed, Sep 26, 2012 at 9:15 PM, Ugo Bataillard <u...@bataillard.me> wrote:
> Hi Diego,
> Thank you for your quick answer, I'll try that this afternoon.

Thanks
Diego Medina
Lift/Scala Developer
di...@fmpwizard.com
http://www.fmpwizard.com

Ugo Bataillard

unread,
Sep 27, 2012, 1:43:25 AM9/27/12
to lif...@googlegroups.com
Here it is :
https://github.com/knshiro/lift-2.5-httpauthentication-broken

Diego Medina

unread,
Sep 30, 2012, 10:31:14 PM9/30/12
to lif...@googlegroups.com
I started working on this, if I don;t reply by wednesday, feel free to
send me a reminder. (While we normally discourage nagging, I really
want to get this fixed before 2.5-M2)

Thanks

Diego

Ugo Bataillard

unread,
Oct 1, 2012, 1:17:23 AM10/1/12
to lif...@googlegroups.com
No worries, I will.
Thank you very much for your support !

Ugo

Diego Medina

unread,
Oct 1, 2012, 6:36:06 AM10/1/12
to lif...@googlegroups.com

Good news and bad news. Good news I didn't break this with the commit I thought.
Bad news is that I went back 7 month in history and this was still broken.

Now I'm trying a new approach to finding the solution.

Thanks

Diego
Sent from my android cell

Diego Medina

unread,
Oct 2, 2012, 9:32:53 PM10/2/12
to lif...@googlegroups.com
Ok, more results (no solution though).

If the browser sends the Authentication data, Lift routes the request
the right way, but for some reason, it does not send a 401 in the
first place (so the browser would ask you for a username/password.
I'll continue to look to see what changed in 2.5 that could cause this.

But in the meantime, you can go ahead and enter a bug at
ticket.liftweb.net and assign it to me. Add a note linking this
thread, so we have a reference.

Thanks

Diego

Ugo Bataillard

unread,
Oct 3, 2012, 1:21:27 AM10/3/12
to lif...@googlegroups.com
Thank you very much for your time Diego, I'll fill a bug then.

Ugo

Diego Medina

unread,
Oct 11, 2012, 10:11:34 AM10/11/12
to lif...@googlegroups.com
Thanks to Aditya, it is now fixed

https://github.com/lift/framework/issues/1330

it should be in snapshot in a few hours

Thanks

Diego
Reply all
Reply to author
Forward
0 new messages