Re: API LDAP Authentiaction
This is on Apache on FastCGI. There's a weird issue with us hosting
WSGI because the server is running an older version of Ubuntu
(something we should correct, but can't at the moment).
On Sep 27, 5:48 pm, Christian Hammond chip...@chipx86.com wrote:
Hi Jeff,
Thanks for sending me that info.
So this actually has nothing to do with LDAP. I've seen this before once, on
Python 2.7 only. My guess is there's something that prevented the right
headers from reaching the server. Some sort of regression on their end (we
already know they broke uploading of binary content).
First off, can you let me know whether you're using the dev server, or
Apache? If Apache, is it mod_wsgi? And if so, is there a
WSGIPassAuthorization On line in the config?
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board -http://www.reviewboard.org
VMware, Inc. -http://www.vmware.com
On Tue, Sep 27, 2011 at 11:02 AM, Jeff Ward j...@fuzzybinary.com wrote:
Yes this is using post-review as the client. Here's the output when I
disable anonymous reads:
C:\Python27\Scripts\post-review --server=http://server:--debug --
repository=repo_name
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETtinghttp://server:/api/info/
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Using the deprecated Review Board 1.0 web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Traceback (most recent call last):
File C:\Python27\Scripts\post-review-script.py, line 8, in
module
load_entry_point('rbtools==0.3.3', 'console_scripts', 'post-
review')()
File C:\Python27\lib\site-packages\rbtools-0.3.3-py2.7.egg\rbtools
\postreview.py, line 3988, in main
AttributeError: 'ReviewBoardServer' object has no attribute
'rb_version'
/api doesn't require auth in this scenereo, but /api/info does. I can
not log in to /api/info from a web browser in this situation either.
If I turn on anonymous read I get this:
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETtinghttp://server:/api/info/
Using the new web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Error creating review request: You are not logged in (HTTP 401, API
Error 103)
My LDAP does not allow anonymous binds, which I think may be the
issue. Authentication from the main page works though, and since both
are supposed to go through the same code path, I have no idea what's
killing the API auth.
--
Jeff
On Sep 26, 4:12 pm, Christian Hammond chip...@chipx86.com wrote:
Hi Jeff,
Sorry for the late reply.
Our authentication for both the web UI and API go through the same place.
However, you may be hitting other bugs.
Is this using post-review as the client? Can you run with --debug and
show
me the output?
I'm curious what's prompting for a password on /api/, because we don't
Re: API LDAP Authentiaction
Can you tell me exactly which versions of ReviewBoard and Djblets are
installed, and what version of Python is being used on the server? I can
build you some packages with extended debug info to help figure out where
auth is getting stuck.
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com
On Wed, Sep 28, 2011 at 7:12 AM, Jeff Ward j...@fuzzybinary.com wrote:
This is on Apache on FastCGI. There's a weird issue with us hosting
WSGI because the server is running an older version of Ubuntu
(something we should correct, but can't at the moment).
On Sep 27, 5:48 pm, Christian Hammond chip...@chipx86.com wrote:
Hi Jeff,
Thanks for sending me that info.
So this actually has nothing to do with LDAP. I've seen this before once,
on
Python 2.7 only. My guess is there's something that prevented the right
headers from reaching the server. Some sort of regression on their end
(we
already know they broke uploading of binary content).
First off, can you let me know whether you're using the dev server, or
Apache? If Apache, is it mod_wsgi? And if so, is there a
WSGIPassAuthorization On line in the config?
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board -http://www.reviewboard.org
VMware, Inc. -http://www.vmware.com
On Tue, Sep 27, 2011 at 11:02 AM, Jeff Ward j...@fuzzybinary.com
wrote:
Yes this is using post-review as the client. Here's the output when I
disable anonymous reads:
C:\Python27\Scripts\post-review --server=http://server:--debug --
repository=repo_name
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETtinghttp://server:/api/info/
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Using the deprecated Review Board 1.0 web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Traceback (most recent call last):
File C:\Python27\Scripts\post-review-script.py, line 8, in
module
load_entry_point('rbtools==0.3.3', 'console_scripts', 'post-
review')()
File C:\Python27\lib\site-packages\rbtools-0.3.3-py2.7.egg\rbtools
\postreview.py, line 3988, in main
AttributeError: 'ReviewBoardServer' object has no attribute
'rb_version'
/api doesn't require auth in this scenereo, but /api/info does. I can
not log in to /api/info from a web browser in this situation either.
If I turn on anonymous read I get this:
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETtinghttp://server:/api/info/
Using the new web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Error creating review request: You are not logged in (HTTP 401, API
Error 103)
My LDAP does not allow anonymous binds, which I think may be the
issue.
Re: API LDAP Authentiaction
Hey Christian,
Server is using Python 2.5.2, client is using 2.7.1
RB is 1.6.1-py2.5
Djblets is 0.6.11-py2.5
Having some extra debug info might be helpful. You can send any built
packages to this email if you'd like.
Thanks for all your help!
--
Jeff
On Sep 28, 4:17 pm, Christian Hammond chip...@chipx86.com wrote:
Can you tell me exactly which versions of ReviewBoard and Djblets are
installed, and what version of Python is being used on the server? I can
build you some packages with extended debug info to help figure out where
auth is getting stuck.
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board -http://www.reviewboard.org
VMware, Inc. -http://www.vmware.com
On Wed, Sep 28, 2011 at 7:12 AM, Jeff Ward j...@fuzzybinary.com wrote:
This is on Apache on FastCGI. There's a weird issue with us hosting
WSGI because the server is running an older version of Ubuntu
(something we should correct, but can't at the moment).
On Sep 27, 5:48 pm, Christian Hammond chip...@chipx86.com wrote:
Hi Jeff,
Thanks for sending me that info.
So this actually has nothing to do with LDAP. I've seen this before once,
on
Python 2.7 only. My guess is there's something that prevented the right
headers from reaching the server. Some sort of regression on their end
(we
already know they broke uploading of binary content).
First off, can you let me know whether you're using the dev server, or
Apache? If Apache, is it mod_wsgi? And if so, is there a
WSGIPassAuthorization On line in the config?
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board -http://www.reviewboard.org
VMware, Inc. -http://www.vmware.com
On Tue, Sep 27, 2011 at 11:02 AM, Jeff Ward j...@fuzzybinary.com
wrote:
Yes this is using post-review as the client. Here's the output when I
disable anonymous reads:
C:\Python27\Scripts\post-review --server=http://server:--debug--
repository=repo_name
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETtinghttp://server:/api/info/
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Using the deprecated Review Board 1.0 web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Traceback (most recent call last):
File C:\Python27\Scripts\post-review-script.py, line 8, in
module
load_entry_point('rbtools==0.3.3', 'console_scripts', 'post-
review')()
File C:\Python27\lib\site-packages\rbtools-0.3.3-py2.7.egg\rbtools
\postreview.py, line 3988, in main
AttributeError: 'ReviewBoardServer' object has no attribute
'rb_version'
/api doesn't require auth in this scenereo, but /api/info does. I can
not log in to /api/info from a web browser in this situation either.
If I turn on anonymous read I get this:
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETtinghttp://server:/api/info/
Using the new web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing tohttp://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
Re: API LDAP Authentiaction
Yes this is using post-review as the client. Here's the output when I
disable anonymous reads:
C:\Python27\Scripts\post-review --server=http://server: --debug --
repository=repo_name
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports changesets:
True
HTTP GETting api/
HTTP GETting http://server:/api/info/
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged in',
u'code': 103}}
Using the deprecated Review Board 1.0 web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Traceback (most recent call last):
File C:\Python27\Scripts\post-review-script.py, line 8, in
module
load_entry_point('rbtools==0.3.3', 'console_scripts', 'post-
review')()
File C:\Python27\lib\site-packages\rbtools-0.3.3-py2.7.egg\rbtools
\postreview.py, line 3988, in main
AttributeError: 'ReviewBoardServer' object has no attribute
'rb_version'
/api doesn't require auth in this scenereo, but /api/info does. I can
not log in to /api/info from a web browser in this situation either.
If I turn on anonymous read I get this:
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports changesets:
True
HTTP GETting api/
HTTP GETting http://server:/api/info/
Using the new web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/: {'repository':
'repo_name'}
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged in',
u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/: {'repository':
'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged in',
u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/: {'repository':
'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged in',
u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/: {'repository':
'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged in',
u'code': 103}}
Error creating review request: You are not logged in (HTTP 401, API
Error 103)
My LDAP does not allow anonymous binds, which I think may be the
issue. Authentication from the main page works though, and since both
are supposed to go through the same code path, I have no idea what's
killing the API auth.
--
Jeff
On Sep 26, 4:12 pm, Christian Hammond chip...@chipx86.com wrote:
Hi Jeff,
Sorry for the late reply.
Our authentication for both the web UI and API go through the same place.
However, you may be hitting other bugs.
Is this using post-review as the client? Can you run with --debug and show
me the output?
I'm curious what's prompting for a password on /api/, because we don't
actually require one there (necessary so that /api/info/ can be accessed to
determine what version works in order to be able to authenticate).
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board -http://www.reviewboard.org
VMware, Inc. -http://www.vmware.com
On Mon, Sep 26, 2011 at 11:22 AM, Jeff Ward j...@fuzzybinary.com wrote:
So, in lack of a response, I've moved my review board server in an
attempt to fix this. I still can't host on a subdomain, but I'm now
using root plus a port (in this case ).
LDAP authentication still doesn't work with the API, and it looks like
no query for authentication is being sent to the LDAP server, no error
in the logs.
Is there anywhere I can look to diagnose this issue / potentially get
it to work?
--
Jeff
On Sep 22, 6:59 pm, Jeff Ward j...@fuzzybinary.com wrote:
I'm having more trouble getting LDAP authentication.
I'll admit up front, I'm working with a web server where dedicating a
portion of apache just to review board was not possible. I had to
append the rules to the default site, at the directory root/reviews.
Re: API LDAP Authentiaction
Hi Jeff,
Thanks for sending me that info.
So this actually has nothing to do with LDAP. I've seen this before once, on
Python 2.7 only. My guess is there's something that prevented the right
headers from reaching the server. Some sort of regression on their end (we
already know they broke uploading of binary content).
First off, can you let me know whether you're using the dev server, or
Apache? If Apache, is it mod_wsgi? And if so, is there a
WSGIPassAuthorization On line in the config?
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com
On Tue, Sep 27, 2011 at 11:02 AM, Jeff Ward j...@fuzzybinary.com wrote:
Yes this is using post-review as the client. Here's the output when I
disable anonymous reads:
C:\Python27\Scripts\post-review --server=http://server: --debug --
repository=repo_name
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETting http://server:/api/info/
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Using the deprecated Review Board 1.0 web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Traceback (most recent call last):
File C:\Python27\Scripts\post-review-script.py, line 8, in
module
load_entry_point('rbtools==0.3.3', 'console_scripts', 'post-
review')()
File C:\Python27\lib\site-packages\rbtools-0.3.3-py2.7.egg\rbtools
\postreview.py, line 3988, in main
AttributeError: 'ReviewBoardServer' object has no attribute
'rb_version'
/api doesn't require auth in this scenereo, but /api/info does. I can
not log in to /api/info from a web browser in this situation either.
If I turn on anonymous read I get this:
RBTools 0.3.3
Home = redacted
hg showconfig
hg root
p4 info
repository info: Path: redacted, Base path: None, Supports
changesets: True
HTTP GETting api/
HTTP GETting http://server:/api/info/
Using the new web API
Generating diff for changenum default
p4 opened -c default
Processing edit of redacted
Writing redacted to redacted
p4 print -o redacted -q redacted
diff -urNp redacted redacted
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/:
{'repository': 'repo_name'}
== HTTP Authentication Required
Enter authorization information for Web API at server:
Username: jeffw
Password:
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Attempting to create review request on repo_name for None
HTTP POSTing to http://server:/api/review-requests/:
{'repository': 'repo_name'}
Got API Error 103 (HTTP code 401): You are not logged in
Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not logged
in', u'code': 103}}
Error creating review request: You are not logged in (HTTP 401, API
Error 103)
My LDAP does not allow anonymous binds, which I think may be the
issue. Authentication from the main page works though, and since both
are supposed to go through the same code path, I have no idea what's
killing the API auth.
--
Jeff
On Sep 26, 4:12 pm, Christian Hammond chip...@chipx86.com wrote:
Hi Jeff,
Sorry for the late reply.
Our authentication for both the web UI and API go through the same place.
However, you may be hitting other bugs.
Is this using post-review as the client? Can you run with --debug and
show
me the output?
I'm curious what's prompting for a password on /api/, because we don't
actually require one there (necessary so that /api/info/ can be accessed
to
determine what version works in order to be able to authenticate).
Christian
--
Christian Hammond - chip...@chipx86.com
Review Board -http://www.reviewboard.org
VMware, Inc. -http://www.vmware.com
On Mon, Sep 26, 2011 at 11:22 AM, Jeff Ward
Re: API LDAP Authentiaction
So, in lack of a response, I've moved my review board server in an attempt to fix this. I still can't host on a subdomain, but I'm now using root plus a port (in this case ). LDAP authentication still doesn't work with the API, and it looks like no query for authentication is being sent to the LDAP server, no error in the logs. Is there anywhere I can look to diagnose this issue / potentially get it to work? -- Jeff On Sep 22, 6:59 pm, Jeff Ward j...@fuzzybinary.com wrote: I'm having more trouble getting LDAP authentication. I'll admit up front, I'm working with a web server where dedicating a portion of apache just to review board was not possible. I had to append the rules to the default site, at the directory root/reviews. This is a hard requirement. I am also using FastCGI. This is because of other issues with WSGI on the server. The problem is root/reviews/api/ is not accepting LDAP authentication. So far as I can tell, it's not even attempting to query LDAP for the information, and the logs have no information. Is there something I should look for to have the API authenticate properly, especially in this weird setup? -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~--~~~~--~~--~--~--- To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
