Hello,

I've been trying to figure out a solution for the following issue since I 
set up RB two weeks ago, and I'm hoping someone here could help me figure 
it out or point me in the right direction.

I'm running Review Board 1.6.9 and RBTools 0.4.1, using Python 2.6.5. RB is 
set up on Ubuntu 10.04; I tried post-review on both Windows 7 and Ubuntu. 
Browser is Chrome on Windows.

*401 loop when trying to reach a Web API page on a site protected by 
Apache's mod_auth_basic*

I first ran into this issue while testing the post-review app (tried it 
with --username, --password, --http-username and --http-password all filled 
out correctly).

I then tried to reach an API page directly from my browser (e.g. 
https://DOMAIN/api/review-requests/1/)
1. When I first reach the page, I'm greeted with a Basic Auth popup, with 
the realm showing up as the one I'd configured on my server.
2. After submitting my auth credentials, I get a second popup, this time 
with "Web API" showing up as the realm.
3. At this point, I enter my ReviewBoard site admin user/pass to log in. 
Rather than reaching the page, I end up back at the previous auth popup.
4. In short, I just keep hitting 401s back and forth (checked Apache logs 
to confirm).

If I disable site-wide auth, both post-review and direct access via browser 
work (see logs below).

Some logs:

> >>> HTTP GETting api/
> >>> HTTP GETting https://DOMAIN/api/review-requests/1/
> >>> Got API Error 103 (HTTP code 401): You are not logged in
> >>> Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged 
> in', u'code': 103}}
> DOMAIN:443 1.2.3.4 - - [01/Jul/2012:04:41:57 +0000] "GET /api/ HTTP/1.1" 
> 401 5365 "-" "Python-urllib/2.6"
> DOMAIN:443 1.2.3.4 - MyAuthUser [01/Jul/2012:04:41:57 +0000] "GET /api/ 
> HTTP/1.1" 200 10309 "-" "Python-urllib/2.6"
> DOMAIN:443 1.2.3.4 - - [01/Jul/2012:04:41:58 +0000] "GET 
> /api/review-requests/1/ HTTP/1.1" 401 5365 "-" "Python-urllib/2.6"
> DOMAIN:443 1.2.3.4 - MyAuthUser [01/Jul/2012:04:41:59 +0000] "GET 
> /api/review-requests/1/ HTTP/1.1" 401 5285 "-" "Python-urllib/2.6"


Logs with site-wide auth disabled:

> >>> HTTP GETting api/
> >>> HTTP GETting https://DOMAIN/api/review-requests/1/
> DOMAIN:443 1.2.3.4 - - [01/Jul/2012:04:49:57 +0000] "GET /api/ HTTP/1.1" 
> 200 10181 "-" "Python-urllib/2.6"
> DOMAIN:443 1.2.3.4 - - [01/Jul/2012:04:49:58 +0000] "GET 
> /api/review-requests/1/ HTTP/1.1" 401 5157 "-" "Python-urllib/2.6"
> DOMAIN:443 1.2.3.4 - - [01/Jul/2012:04:49:59 +0000] "GET 
> /api/review-requests/1/ HTTP/1.1" 200 7029 "-" "Python-urllib/2.6"


I made sure that WSGIPassAuthorization is set to On.


Does anyone have any ideas? Any help would be greatly appreciated!

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to