I'm in the process of upgrading our now ancient 2.3 version of OBS to
2.5.
I successfully upgraded it to OpenSUSE 12.2, and OBS 2.4. At that time,
since LDAP support was removed, I added the following to the _webui_
section:
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthName "OBS"
AuthType Basic
AuthLDAPBindDN XXXX
AuthLDAPBindPassword XXXX
AuthLDAPURL XXXX
RequestHeader set X-username %{AUTHENTICATE_UID}e
RequestHeader set X-email %{AUTHENTICATE_MAIL}e
require valid-user
and turned on
proxy_auth_mode: :on
However, since webui and api are now one, I put that in the updated
obs.conf vhost file which came with 2.5.
Instead, I now get a forever loop of username/password prompt, and this
is in the logs:
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] Authenticating with
iChain mode: on
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] Cache read:
_session_id:e5c5abbaba08b8fd41981c4d300aa58b
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] Dalli::Server#connect
127.0.0.1:11211
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] --> direct_http url:
#
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.26] http_do: method: get
url: https://localhost:443/person/mdrobnak
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.26] Completed 401
Unauthorized in 91ms
[72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.37]
ActiveXML::Transport::UnauthorizedError (<!DOCTYPE HTML PUBLIC
"-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Authorization Required</title>
</head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested. Either you supplied the wrong
credentials (e.g., bad password), or your
browser doesn't understand how to supply
the credentials required.</p>
<p>Additionally, a 406 Not Acceptable
error was encountered while trying to use an ErrorDocument to handle the
request.</p>
<hr>
<address>Apache/2.2.22 (Linux/SUSE) Server at localhost Port
443</address>
</body></html>
):
I have this in the config:
frontend_host: "localhost"
frontend_port: 443
frontend_protocol: "https"
Any ideas? This setup was working on 2.4, but I don't want to be in the
position of being behind again, so I want to get 2.5 working.
Thanks.
-Matt
PS There was some fun rails stuff during the 2.4->2.5 upgrade..needed to
hit "1" a few times when doing the obs-api upgrade..