Our Apache server runs reviewboard as a wsgi daemon process. Its other 
function is to authenticate the user against active directory and then pass 
the REMOTE_USER header to reviewboard, which we then handle in a custom 
django remote user middleware.

I tried the --disable-proxy switch and still received the same error for 
both commands (`post` and `status`).

If i try to do a get on the site directly, it works (meaning the 
credentials are likely not being sent correctly):

$ curl -usvc-reviewboard:`cat ~/.svc-reviewboard` 
http://reviewboard.company.com/api/validation/diffs/; echo
{"stat": "ok", "links": {"self": {"href": 
"http://reviewboard.company.com/api/validation/diffs/";, "method": "GET"}, 
"create": {"href": "http://reviewboard.company.com/api/validation/diffs/";, 
"method": "POST"}}}


On Wednesday, September 2, 2015 at 5:41:53 PM UTC-4, Christian Hammond 
wrote:
>
> What this looks like to me is that our attempts at pre-filling the 
> Authorization header isn't working. Looks like the proxy is getting in the 
> way and eating it. Review Board then sends a 401, which is supposed to have 
> an API payload, but the proxy is messing with that.
>
> Is this a proxy server for internal usage, or is it meant to be used to 
> reach the outside Internet? Assuming the server is within the network, can 
> you just use --disable-proxy (or DISABLE_PROXY = True in ~/.reviewboardrc) ?
>
> Christian
>
> -- 
> Christian Hammond - chi...@chipx86.com <javascript:>
> Review Board - https://www.reviewboard.org
> Beanbag, Inc. - https://www.beanbaginc.com
>
> On Tue, Sep 1, 2015 at 6:55 AM, Zach <zac...@gmail.com <javascript:>> 
> wrote:
>
>> I realized it's getting a 401 on api/validation/diffs for `post` and an 
>> error on api/session/?expand=user for `status`:
>>
>> $ ~/rbtools0.7.4/bin/rbt post --username=svc-reviewboard --password=`cat 
>> ~/.svc-reviewboard` --debug
>> >>> RBTools 0.7.4
>> >>> Python 2.6.6 (r266:84292, Nov 21 2013, 10:50:32)
>> [GCC 4.4.7 20120313 (Red Hat 4.4.7-4)]
>> >>> Running on 
>> Linux-2.6.32-504.23.4.el6.x86_64-x86_64-with-redhat-6.6-Santiago
>> >>> Home = /home/<username>
>> >>> Current directory = /home/<username>/rb_test
>> >>> Running: git version
>> >>> Checking for a Subversion repository...
>> >>> Running: svn --non-interactive info
>> >>> Command exited with rc 1: ['svn', '--non-interactive', u'info']
>> svn: '.' is not a working copy
>> ---
>> >>> Checking for a Git repository...
>> >>> Running: git rev-parse --git-dir
>> >>> Running: git config core.bare
>> >>> Running: git rev-parse --show-toplevel
>> >>> Running: git symbolic-ref -q HEAD
>> >>> Running: git config --get branch.<username>_rb_test.merge
>> >>> Command exited with rc 1: ['git', 'config', '--get', u'branch.
>> <username>_rb_test.merge']
>> ---
>> >>> Running: git config --get branch.<username>_rb_test.remote
>> >>> Command exited with rc 1: ['git', 'config', '--get', u'branch.
>> <username>_rb_test.remote']
>> ---
>> >>> Running: git config --get remote.origin.url
>> >>> repository info: Path: https://<gitlabusername>:<gitlabpassword>@
>> gitlab.company.com/<folder>/<repo>.git, Base path: , Supports 
>> changesets: False
>> >>> Making HTTP GET request to http://reviewboard.company.com/api/
>> >>> Running: git rev-parse refs/heads/<username>t_new_rb_test
>> >>> Running: git merge-base 0acfafe86d9f898ae5eebfdd23a1fc26643c71ab 
>> origin/<username>_rb_test
>> >>> Running: git rev-parse e574f4d22b67539c7e192e08462fb260807e6ecd
>> >>> Running: git status --porcelain --untracked-files=no
>> >>> Running: git rev-parse --git-dir
>> >>> Running: git -c core.quotepath=false -c diff.noprefix=false diff 
>> --no-color --full-index --ignore-submodules -M --no-ext-diff 
>> e574f4d22b67539c7e192e08462fb260807e6ecd..0acfafe86d9f898ae5eebfdd23a1fc26643c71ab
>> >>> Making HTTP GET request to 
>> http://reviewboard.company.com/api/validation/diffs/
>> >>> Got HTTP error: 401: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 
>> 2.0//EN">
>> <html><head>
>> <title>401 Authorization Required</title>
>> </head><body>
>> <h1>Authorization Required</h1>
>> <p>This server could not verify that you
>> are authorized to access the document
>> requested.  Either you supplied the wrong
>> credentials (e.g., bad password), or your
>> browser doesn't understand how to supply
>> the credentials required.</p>
>> </body></html>
>>
>> Traceback (most recent call last):
>>   File "/home/<username>/rbtools0.7.4/bin/rbt", line 9, in <module>
>>     load_entry_point('RBTools==0.7.4', 'console_scripts', 'rbt')()
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/main.py",
>>  
>> line 133, in main
>>     command.run_from_argv([RB_MAIN, command_name] + args)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/__init__.py",
>>  
>> line 612, in run_from_argv
>>     exit_code = self.main(*args) or 0
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/post.py",
>>  
>> line 754, in main
>>     (msg_prefix, e))
>> rbtools.commands.CommandError: Error validating diff
>>
>> HTTP 401
>>
>>
>> $  ~/rbtools0.7.4/bin/rbt status --username=svc-reviewboard 
>> --password=`cat ~/.svc-reviewboard` --debug
>> >>> RBTools 0.7.4
>> >>> Python 2.6.6 (r266:84292, Nov 21 2013, 10:50:32)
>> [GCC 4.4.7 20120313 (Red Hat 4.4.7-4)]
>> >>> Running on 
>> Linux-2.6.32-504.23.4.el6.x86_64-x86_64-with-redhat-6.6-Santiago
>> >>> Home = /home/<username>
>> >>> Current directory = /home/<username>/rb_test
>> >>> Running: git version
>> >>> Checking for a Subversion repository...
>> >>> Running: svn --non-interactive info
>> >>> Command exited with rc 1: ['svn', '--non-interactive', u'info']
>> svn: '.' is not a working copy
>> ---
>> >>> Checking for a Git repository...
>> >>> Running: git rev-parse --git-dir
>> >>> Running: git config core.bare
>> >>> Running: git rev-parse --show-toplevel
>> >>> Running: git symbolic-ref -q HEAD
>> >>> Running: git config --get branch.<username>_rb_test.merge
>> >>> Command exited with rc 1: ['git', 'config', '--get', 
>> u'branch.<username>_rb_test.merge']
>> ---
>> >>> Running: git config --get branch.<username>_rb_test.remote
>> >>> Command exited with rc 1: ['git', 'config', '--get', 
>> u'branch.<username>_rb_test.remote']
>> ---
>> >>> Running: git config --get remote.origin.url
>> >>> repository info: Path: https://<gitlabusername>:<gitlabpassword>@
>> gitlab.company.com/formulas/review-board.git, Base path: , Supports 
>> changesets: False
>> >>> Making HTTP GET request to http://reviewboard.company.com/api/
>> >>> Making HTTP GET request to 
>> http://reviewboard.company.com/api/session/?expand=user
>> >>> Got HTTP error: 401: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 
>> 2.0//EN">
>> <html><head>
>> <title>401 Authorization Required</title>
>> </head><body>
>> <h1>Authorization Required</h1>
>> <p>This server could not verify that you
>> are authorized to access the document
>> requested.  Either you supplied the wrong
>> credentials (e.g., bad password), or your
>> browser doesn't understand how to supply
>> the credentials required.</p>
>> </body></html>
>>
>> Traceback (most recent call last):
>>   File "/home/<username>/rbtools0.7.4/bin/rbt", line 9, in <module>
>>     load_entry_point('RBTools==0.7.4', 'console_scripts', 'rbt')()
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/main.py",
>>  
>> line 133, in main
>>     command.run_from_argv([RB_MAIN, command_name] + args)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/__init__.py",
>>  
>> line 612, in run_from_argv
>>     exit_code = self.main(*args) or 0
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/status.py",
>>  
>> line 41, in main
>>     username = get_username(api_client, api_root, auth_required=True)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/utils/users.py",
>>  
>> line 64, in get_username
>>     user = get_user(api_client, api_root, auth_required)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/utils/users.py",
>>  
>> line 54, in get_user
>>     session = get_authenticated_session(api_client, api_root, 
>> auth_required)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/utils/users.py",
>>  
>> line 22, in get_authenticated_session
>>     session = api_root.get_session(expand='user')
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/resource.py",
>>  
>> line 146, in <lambda>
>>     self._get_url(url, **kwargs)))
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/decorators.py",
>>  
>> line 27, in request_method
>>     *args, **kwargs)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/transport/sync.py",
>>  
>> line 74, in execute_request_method
>>     return self._execute_request(request)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/transport/sync.py",
>>  
>> line 83, in _execute_request
>>     rsp = self.server.make_request(request)
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/request.py",
>>  
>> line 577, in make_request
>>     self.process_error(e.code, e.read())
>>   File 
>> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/request.py",
>>  
>> line 553, in process_error
>>     raise APIError(http_status, None, None, data)
>> rbtools.api.errors.APIError: HTTP 401
>>
>>
>>
>> On Tuesday, June 24, 2014 at 1:38:03 AM UTC-4, Pierre Mariani wrote:
>>
>>> We use Review Board at work. It is installed on a web server that
>>> is protected by HTTP Basic Authentication.
>>>
>>> We haven't been able to use RBTools to interact with it as we
>>> couldn't find the right configuration to pass this authentication
>>> wall.
>>>
>>> After looking through the code, I didn't see how it could be
>>> configured at all, and came to the conclusion that this feature
>>> wasn't supported.
>>>
>>> I also didn't find an obvious way to modify
>>> ReviewBoardHTTPBasicAuthHandler or ReviewBoardHTTPPasswordMgr to
>>> add that feature.
>>>
>>> I resorted to defining a new server option, and passing it
>>> through RBClient, SyncTransport and finally to ReviewBoardServer,
>>> where it is used to define a new urllib2.HTTPBasicAuthHandler
>>> which gets added to the list of handlers.
>>> You can see the diff at
>>> https://github.com/pmariani/rbtools/compare/basic-auth-hack
>>>
>>> It's hacky but good enough for my use case.  However, I would
>>> rather not maintain a fork and would like to be able to push
>>> similar changes back to the main RBTools repo.
>>>
>>> Can someone confirm that HTTP Basic Authentication isn't currently 
>>> supported
>>>  in RBTools?
>>>
>>> Are there design resources that would let me adapt my hack to
>>> something acceptable by the project?
>>>
>>> Thank you
>>>
>>>
>>> -- 
>> Supercharge your Review Board with Power Pack: 
>> https://www.reviewboard.org/powerpack/
>> Want us to host Review Board for you? Check out RBCommons: 
>> https://rbcommons.com/
>> Happy user? Let us know! https://www.reviewboard.org/users/
>>
>> --- 
>> You received this message because you are subscribed to the Google Groups 
>> "reviewboard" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to reviewboard...@googlegroups.com <javascript:>.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
Supercharge your Review Board with Power Pack: 
https://www.reviewboard.org/powerpack/
Want us to host Review Board for you? Check out RBCommons: 
https://rbcommons.com/
Happy user? Let us know! https://www.reviewboard.org/users/
--- 
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to