Our Apache server runs reviewboard as a wsgi daemon process. Its other function is to authenticate the user against active directory and then pass the REMOTE_USER header to reviewboard, which we then handle in a custom django remote user middleware.
I tried the --disable-proxy switch and still received the same error for both commands (`post` and `status`). If i try to do a get on the site directly, it works (meaning the credentials are likely not being sent correctly): $ curl -usvc-reviewboard:`cat ~/.svc-reviewboard` http://reviewboard.company.com/api/validation/diffs/; echo {"stat": "ok", "links": {"self": {"href": "http://reviewboard.company.com/api/validation/diffs/";, "method": "GET"}, "create": {"href": "http://reviewboard.company.com/api/validation/diffs/";, "method": "POST"}}} On Wednesday, September 2, 2015 at 5:41:53 PM UTC-4, Christian Hammond wrote: > > What this looks like to me is that our attempts at pre-filling the > Authorization header isn't working. Looks like the proxy is getting in the > way and eating it. Review Board then sends a 401, which is supposed to have > an API payload, but the proxy is messing with that. > > Is this a proxy server for internal usage, or is it meant to be used to > reach the outside Internet? Assuming the server is within the network, can > you just use --disable-proxy (or DISABLE_PROXY = True in ~/.reviewboardrc) ? > > Christian > > -- > Christian Hammond - [email protected] <javascript:> > Review Board - https://www.reviewboard.org > Beanbag, Inc. - https://www.beanbaginc.com > > On Tue, Sep 1, 2015 at 6:55 AM, Zach <[email protected] <javascript:>> > wrote: > >> I realized it's getting a 401 on api/validation/diffs for `post` and an >> error on api/session/?expand=user for `status`: >> >> $ ~/rbtools0.7.4/bin/rbt post --username=svc-reviewboard --password=`cat >> ~/.svc-reviewboard` --debug >> >>> RBTools 0.7.4 >> >>> Python 2.6.6 (r266:84292, Nov 21 2013, 10:50:32) >> [GCC 4.4.7 20120313 (Red Hat 4.4.7-4)] >> >>> Running on >> Linux-2.6.32-504.23.4.el6.x86_64-x86_64-with-redhat-6.6-Santiago >> >>> Home = /home/<username> >> >>> Current directory = /home/<username>/rb_test >> >>> Running: git version >> >>> Checking for a Subversion repository... >> >>> Running: svn --non-interactive info >> >>> Command exited with rc 1: ['svn', '--non-interactive', u'info'] >> svn: '.' is not a working copy >> --- >> >>> Checking for a Git repository... >> >>> Running: git rev-parse --git-dir >> >>> Running: git config core.bare >> >>> Running: git rev-parse --show-toplevel >> >>> Running: git symbolic-ref -q HEAD >> >>> Running: git config --get branch.<username>_rb_test.merge >> >>> Command exited with rc 1: ['git', 'config', '--get', u'branch. >> <username>_rb_test.merge'] >> --- >> >>> Running: git config --get branch.<username>_rb_test.remote >> >>> Command exited with rc 1: ['git', 'config', '--get', u'branch. >> <username>_rb_test.remote'] >> --- >> >>> Running: git config --get remote.origin.url >> >>> repository info: Path: https://<gitlabusername>:<gitlabpassword>@ >> gitlab.company.com/<folder>/<repo>.git, Base path: , Supports >> changesets: False >> >>> Making HTTP GET request to http://reviewboard.company.com/api/ >> >>> Running: git rev-parse refs/heads/<username>t_new_rb_test >> >>> Running: git merge-base 0acfafe86d9f898ae5eebfdd23a1fc26643c71ab >> origin/<username>_rb_test >> >>> Running: git rev-parse e574f4d22b67539c7e192e08462fb260807e6ecd >> >>> Running: git status --porcelain --untracked-files=no >> >>> Running: git rev-parse --git-dir >> >>> Running: git -c core.quotepath=false -c diff.noprefix=false diff >> --no-color --full-index --ignore-submodules -M --no-ext-diff >> e574f4d22b67539c7e192e08462fb260807e6ecd..0acfafe86d9f898ae5eebfdd23a1fc26643c71ab >> >>> Making HTTP GET request to >> http://reviewboard.company.com/api/validation/diffs/ >> >>> Got HTTP error: 401: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML >> 2.0//EN"> >> <html><head> >> <title>401 Authorization Required</title> >> </head><body> >> <h1>Authorization Required</h1> >> <p>This server could not verify that you >> are authorized to access the document >> requested. Either you supplied the wrong >> credentials (e.g., bad password), or your >> browser doesn't understand how to supply >> the credentials required.</p> >> </body></html> >> >> Traceback (most recent call last): >> File "/home/<username>/rbtools0.7.4/bin/rbt", line 9, in <module> >> load_entry_point('RBTools==0.7.4', 'console_scripts', 'rbt')() >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/main.py", >> >> line 133, in main >> command.run_from_argv([RB_MAIN, command_name] + args) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/__init__.py", >> >> line 612, in run_from_argv >> exit_code = self.main(*args) or 0 >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/post.py", >> >> line 754, in main >> (msg_prefix, e)) >> rbtools.commands.CommandError: Error validating diff >> >> HTTP 401 >> >> >> $ ~/rbtools0.7.4/bin/rbt status --username=svc-reviewboard >> --password=`cat ~/.svc-reviewboard` --debug >> >>> RBTools 0.7.4 >> >>> Python 2.6.6 (r266:84292, Nov 21 2013, 10:50:32) >> [GCC 4.4.7 20120313 (Red Hat 4.4.7-4)] >> >>> Running on >> Linux-2.6.32-504.23.4.el6.x86_64-x86_64-with-redhat-6.6-Santiago >> >>> Home = /home/<username> >> >>> Current directory = /home/<username>/rb_test >> >>> Running: git version >> >>> Checking for a Subversion repository... >> >>> Running: svn --non-interactive info >> >>> Command exited with rc 1: ['svn', '--non-interactive', u'info'] >> svn: '.' is not a working copy >> --- >> >>> Checking for a Git repository... >> >>> Running: git rev-parse --git-dir >> >>> Running: git config core.bare >> >>> Running: git rev-parse --show-toplevel >> >>> Running: git symbolic-ref -q HEAD >> >>> Running: git config --get branch.<username>_rb_test.merge >> >>> Command exited with rc 1: ['git', 'config', '--get', >> u'branch.<username>_rb_test.merge'] >> --- >> >>> Running: git config --get branch.<username>_rb_test.remote >> >>> Command exited with rc 1: ['git', 'config', '--get', >> u'branch.<username>_rb_test.remote'] >> --- >> >>> Running: git config --get remote.origin.url >> >>> repository info: Path: https://<gitlabusername>:<gitlabpassword>@ >> gitlab.company.com/formulas/review-board.git, Base path: , Supports >> changesets: False >> >>> Making HTTP GET request to http://reviewboard.company.com/api/ >> >>> Making HTTP GET request to >> http://reviewboard.company.com/api/session/?expand=user >> >>> Got HTTP error: 401: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML >> 2.0//EN"> >> <html><head> >> <title>401 Authorization Required</title> >> </head><body> >> <h1>Authorization Required</h1> >> <p>This server could not verify that you >> are authorized to access the document >> requested. Either you supplied the wrong >> credentials (e.g., bad password), or your >> browser doesn't understand how to supply >> the credentials required.</p> >> </body></html> >> >> Traceback (most recent call last): >> File "/home/<username>/rbtools0.7.4/bin/rbt", line 9, in <module> >> load_entry_point('RBTools==0.7.4', 'console_scripts', 'rbt')() >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/main.py", >> >> line 133, in main >> command.run_from_argv([RB_MAIN, command_name] + args) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/__init__.py", >> >> line 612, in run_from_argv >> exit_code = self.main(*args) or 0 >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/commands/status.py", >> >> line 41, in main >> username = get_username(api_client, api_root, auth_required=True) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/utils/users.py", >> >> line 64, in get_username >> user = get_user(api_client, api_root, auth_required) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/utils/users.py", >> >> line 54, in get_user >> session = get_authenticated_session(api_client, api_root, >> auth_required) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/utils/users.py", >> >> line 22, in get_authenticated_session >> session = api_root.get_session(expand='user') >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/resource.py", >> >> line 146, in <lambda> >> self._get_url(url, **kwargs))) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/decorators.py", >> >> line 27, in request_method >> *args, **kwargs) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/transport/sync.py", >> >> line 74, in execute_request_method >> return self._execute_request(request) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/transport/sync.py", >> >> line 83, in _execute_request >> rsp = self.server.make_request(request) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/request.py", >> >> line 577, in make_request >> self.process_error(e.code, e.read()) >> File >> "/home/<username>/rbtools0.7.4/lib/python2.6/site-packages/RBTools-0.7.4-py2.6.egg/rbtools/api/request.py", >> >> line 553, in process_error >> raise APIError(http_status, None, None, data) >> rbtools.api.errors.APIError: HTTP 401 >> >> >> >> On Tuesday, June 24, 2014 at 1:38:03 AM UTC-4, Pierre Mariani wrote: >> >>> We use Review Board at work. It is installed on a web server that >>> is protected by HTTP Basic Authentication. >>> >>> We haven't been able to use RBTools to interact with it as we >>> couldn't find the right configuration to pass this authentication >>> wall. >>> >>> After looking through the code, I didn't see how it could be >>> configured at all, and came to the conclusion that this feature >>> wasn't supported. >>> >>> I also didn't find an obvious way to modify >>> ReviewBoardHTTPBasicAuthHandler or ReviewBoardHTTPPasswordMgr to >>> add that feature. >>> >>> I resorted to defining a new server option, and passing it >>> through RBClient, SyncTransport and finally to ReviewBoardServer, >>> where it is used to define a new urllib2.HTTPBasicAuthHandler >>> which gets added to the list of handlers. >>> You can see the diff at >>> https://github.com/pmariani/rbtools/compare/basic-auth-hack >>> >>> It's hacky but good enough for my use case. However, I would >>> rather not maintain a fork and would like to be able to push >>> similar changes back to the main RBTools repo. >>> >>> Can someone confirm that HTTP Basic Authentication isn't currently >>> supported >>> in RBTools? >>> >>> Are there design resources that would let me adapt my hack to >>> something acceptable by the project? >>> >>> Thank you >>> >>> >>> -- >> Supercharge your Review Board with Power Pack: >> https://www.reviewboard.org/powerpack/ >> Want us to host Review Board for you? Check out RBCommons: >> https://rbcommons.com/ >> Happy user? Let us know! https://www.reviewboard.org/users/ >> >> --- >> You received this message because you are subscribed to the Google Groups >> "reviewboard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- Supercharge your Review Board with Power Pack: https://www.reviewboard.org/powerpack/ Want us to host Review Board for you? Check out RBCommons: https://rbcommons.com/ Happy user? Let us know! https://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
