[opensuse-buildservice] OBS 2.5 Proxy Auth

I'm in the process of upgrading our now ancient 2.3 version of OBS to 2.5. I successfully upgraded it to OpenSUSE 12.2, and OBS 2.4. At that time, since LDAP support was removed, I added the following to the _webui_ section: AuthBasicProvider ldap AuthzLDAPAuthoritative off AuthName "OBS" AuthType Basic AuthLDAPBindDN XXXX AuthLDAPBindPassword XXXX AuthLDAPURL XXXX RequestHeader set X-username %{AUTHENTICATE_UID}e RequestHeader set X-email %{AUTHENTICATE_MAIL}e require valid-user and turned on proxy_auth_mode: :on However, since webui and api are now one, I put that in the updated obs.conf vhost file which came with 2.5. Instead, I now get a forever loop of username/password prompt, and this is in the logs: [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] Authenticating with iChain mode: on [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] Cache read: _session_id:e5c5abbaba08b8fd41981c4d300aa58b [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] Dalli::Server#connect 127.0.0.1:11211 [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.24] --> direct_http url: # [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.26] http_do: method: get url: https://localhost:443/person/mdrobnak [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.26] Completed 401 Unauthorized in 91ms [72dcefa6-381f-445f-aae6-01bce85ac3a8] [8595:0.37] ActiveXML::Transport::UnauthorizedError (<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Authorization Required</title> </head><body> <h1>Authorization Required</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> <p>Additionally, a 406 Not Acceptable error was encountered while trying to use an ErrorDocument to handle the request.</p> <hr> <address>Apache/2.2.22 (Linux/SUSE) Server at localhost Port 443</address> </body></html> ): I have this in the config: frontend_host: "localhost" frontend_port: 443 frontend_protocol: "https" Any ideas? This setup was working on 2.4, but I don't want to be in the position of being behind again, so I want to get 2.5 working. Thanks. -Matt PS There was some fun rails stuff during the 2.4->2.5 upgrade..needed to hit "1" a few times when doing the obs-api upgrade..