Hi Simon On Wednesday, February 15, 2012 7:58:14 PM UTC+1, osimons wrote: > > There is no problem using the RPC plugin with digest auth - or any > particular other auth for that matter. The RPC plugin just uses what > it gets from Trac, and if Trac can authenticate then the plugin is > fine with that. > > The real problem is that CLIENTS generally don't support digest auth, > or any other particular auth mechanism other than lowest common > denominator: Basic Authentication. So something like Python xmlrpclib > only supports Basic auth. However, if you were to build a custom > client that provides its own authentication handlers, all should be > fine. Other clients for other platforms like Java, .Net or whatever > may support further mechanisms - including Digest. I don't know. But > in the end it all depends on the client. > > If you configure a project with digest auth, you should have no > problem using curl to make authenticated calls to a Trac /rpc handler. > "man curl" for all details of curl options... :-) > Are you sure? I'm not getting the XMLRPC interface to work using curl and digest authentication:
$ curl --data '<?xml version="1.0"?><methodCall><methodName>wiki.getPage</methodName><params><param><value><string>SandBox</string></value></param></params></methodCall>' --header 'Content-Type: text/xml' --digest --user "$user:$password" --dump-header - 'http://localhost:8080/login/xmlrpc' HTTP/1.1 200 OK Server: tracd/1.0.1 Python/2.6.8 Date: Mon, 26 Aug 2013 15:41:31 GMT Content-Type: text/xml Content-Length: 294 Set-Cookie: trac_session=67c4ffa3973fdfb495fd3d29; expires=Sun, 24-Nov-2013 15:41:31 GMT; httponly; Path=/ HTTP/1.1 200 OK Server: tracd/1.0.1 Python/2.6.8 Date: Mon, 26 Aug 2013 15:41:31 GMT Content-Type: text/xml Content-Length: 356 Set-Cookie: trac_session=ac78955d5ab422c55597d41d; expires=Sun, 24-Nov-2013 15:41:31 GMT; httponly; Path=/ <?xml version='1.0'?> <methodResponse> <fault> <value><struct> <member> <name>faultCode</name> <value><int>403</int></value> </member> <member> <name>faultString</name> <value><string>XML_RPC privileges are required to perform this operation. You don't have the required permissions.</string></value> </member> </struct></value> </fault> </methodResponse> It seems that the XmlRpcPlugin will return a 200 OK status code even if authentication is required. Shouldn't it send a different status code so curl known that it should send the authentication data to the server? Thanks Michael -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/trac-users. For more options, visit https://groups.google.com/groups/opt_out.
