>From what I see, the buildbot config looks good. I guess the issue you have is more about how to configure apache to enforce authentication of a proxy
Perhaps you can get more help in an apache forum. Pierre Le mer. 15 févr. 2017 à 17:55, Chris Spencer <[email protected]> a écrit : > The example Apache config doesn't include basic auth. I'm unfamiliar with > using websockets and basic auth together. How would I do that? Would I add > the auth settings to the <Location /ws> section or a separate <Location /> > section? > > On Wed, Feb 15, 2017 at 11:09 AM, Pierre Tardy <[email protected]> wrote: > > The goal of RemoteUserAuth is to disable completely the login UI of > buildbot, and let apache handle the authentication alone. > > Buildbot will get a header from Apache telling it which user is actually > logged in. > > If you configured your apache correctly, you should never achive to get > the buildbot UI unless you get a browser-based login prompt. > Require valid-user is if I understand correctly what is > need to implement such thing > > Also, please note that apache requires a specific configuration to allow > websocket to work correctly > > http://docs.buildbot.net/latest/manual/cfg-www.html#reverse-proxy-configuration > > > > Le mer. 15 févr. 2017 à 17:02, Chris Spencer <[email protected]> a > écrit : > > I'm not sure I understand. Anonymous users can definitely still see the > site from Apache in 0.9.*. I'm looking at my Buildbot server right now as > an anonymous user. It seems to hide a lot of details for anonymous users, > but it's still rendering the basic site, listing builders and recent > builds. By "show no output" I mean it should only render a login page and > nothing else if the user is not authenticated. > > I tried the util.RemoteUserAuth but it doesn't seem to do anything. > Buildbot still requires I login via the on-screen user login dropdown, and > ignores the basic Http login I give to Apache. > > Oddly, it also seems to ignore util.HTPasswdAuth(). If I enter a > username/password that I added to my htpasswd file into Buildbot's login > form, Buildbot still won't let me login through its web interface. Is there > some trick to getting an htpasswd file to work with Buildbot? There are no > errors reported in the twistd.log. > > This is my Apache config: > > <VirtualHost *:80> > > ProxyPass / http://127.0.0.1:8010/ > > <Location /> > AuthType Basic > AuthName "Buildbot" > AuthUserFile /usr/local/myproject/src/buildbot/htpasswd > Require valid-user > </Location> > > </VirtualHost> > > > On Wed, Feb 15, 2017 at 3:50 AM, Pierre Tardy <[email protected]> wrote: > > Hi Chris, > What you are looking for is theRemoteUserAuth plugin > > http://buildbot.readthedocs.io/en/latest/manual/cfg-www.html#buildbot.www.auth.RemoteUserAuth > > There is no more support for combination useHttpHeader + HTPasswdAprAuth, > which allowed apache authentication + anonymous access. > I am not sure exactly if this is what you mean by "show no output to an > anonymous user" > > Pierre > > Le mer. 15 févr. 2017 à 07:21, Chris Spencer <[email protected]> a > écrit : > > In 0.8.*, I was using http authentication in Apache to collect the > username/password and pass that through to Buildbot. I was doing that with: > > authz_cfg=authz.Authz( > auth=auth.HTPasswdAprAuth('.htpasswd')), > useHttpHeader=True, > ... > ) > > However, in 0.9.*, there doesn't appear to be a HTPasswdAprAuth class or a > useHttpHeader option. Is there still a way to setup this type of > authentication? > > My goal is to show no output to an anonymous user. > > _______________________________________________ > users mailing list > [email protected] > https://lists.buildbot.net/mailman/listinfo/users > > > >
_______________________________________________ users mailing list [email protected] https://lists.buildbot.net/mailman/listinfo/users
