Quantcast

Problem passing credentials to Roundup xmlrpc endpoint

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Problem passing credentials to Roundup xmlrpc endpoint

Hancock, David (dhancock)
I am unable to pass a username and password to the xmlrpc endpoint--it seems to get converted into the anonymous user. The documentation (plus some kind assistance from Ralf Schlatterbeck) led me to try the following:

>>> import xmlrpclib
>>> srv = xmlrpclib.ServerProxy(url, allow_none=True)
>>> srv.lookup('user', 'dhancock')

This yields a short stack trace ending with:

xmlrpclib.Fault: <Fault 1: "<class 'roundup.exceptions.Unauthorised'>:Permission to lookup user denied">

When I put Roundup's logging into verbose mode, this is what I see for that request:

2015-11-25 12:21:27,958 INFO open database 'roundup'
2015-11-25 12:21:27,978 INFO commit
2015-11-25 12:21:27,979 DEBUG SQL 'select id from _user where _username=%s and __retired__=%s' ('anonymous', 0)
2015-11-25 12:21:27,980 DEBUG SQL 'select id from _user where _username=%s and __retired__=%s' ('anonymous', 0)
2015-11-25 12:21:27,980 DEBUG SQL 'select _activity,_actor,_address,_alternate_addresses,_creation,_creator,_organisation,_password,_phone,_realname,_roles,_timezone,_username from _user where id=%s' ('2',)
2015-11-25 12:21:27,981 DEBUG SQL 'select linkid from user_queries where nodeid=%s' ('2',)
2015-11-25 12:21:27,982 DEBUG SQL 'select id from _user where _username=%s and __retired__=%s' ('anonymous', 0)
2015-11-25 12:21:27,983 INFO close

Can anyone see what I'm doing wrong? I don't think it's a good idea to add permissions to the 'anonymous' user, but I do want to use xmlrpc to create issues, look up ids, etc. Roundup is running behind Apache, in case that's relevant (using mod_wsgi).

Thank you, and
Cheers! 
-- 
David Hancock | [hidden email] 

------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551&iu=/4140
_______________________________________________
Roundup-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/roundup-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem passing credentials to Roundup xmlrpc endpoint

Ralf Schlatterbeck-3
On Thu, Nov 26, 2015 at 01:09:54PM +0000, Hancock, David (DHANCOCK) wrote:
> >>> import xmlrpclib
> >>> url = "http://admin:adminpw@localhost/support/xmlrpc"
> >>> srv = xmlrpclib.ServerProxy(url, allow_none=True)
> >>> srv.lookup('user', 'dhancock')
Looks good.

> This yields a short stack trace ending with:
>
> xmlrpclib.Fault: <Fault 1: "<class 'roundup.exceptions.Unauthorised'>:Permission to lookup user denied">
>
> 2015-11-25 12:21:27,979 DEBUG SQL 'select id from _user where _username=%s and __retired__=%s' ('anonymous', 0)
>
> Can anyone see what I'm doing wrong? I don't think it's a good idea to
> add permissions to the 'anonymous' user, but I do want to use xmlrpc
> to create issues, look up ids, etc. Roundup is running behind Apache,
> in case that's relevant (using mod_wsgi).

You need to turn on basic auth support in roundup, this is in config.ini
in the [web] section and is named "http_auth". You need to set it to
yes.

Let us know if this helps!

Ralf
--
Dr. Ralf Schlatterbeck                  Tel:   +43/2243/26465-16
Open Source Consulting                  www:   http://www.runtux.com
Reichergasse 131, A-3411 Weidling       email: [hidden email]

------------------------------------------------------------------------------
Go from Idea to Many App Stores Faster with Intel(R) XDK
Give your users amazing mobile app experiences with Intel(R) XDK.
Use one codebase in this all-in-one HTML5 development environment.
Design, debug & build mobile apps & 2D/3D high-impact games for multiple OSs.
http://pubads.g.doubleclick.net/gampad/clk?id=254741551&iu=/4140
_______________________________________________
Roundup-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/roundup-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem passing credentials to Roundup xmlrpc endpoint

Hancock, David (dhancock)
In reply to this post by Hancock, David (dhancock)
Hmm, this was already set to "yes" and isn't working. Is there something I need to configure in Apache to pass basic_auth through?

Ralf wrote:

> You need to turn on basic auth support in roundup, this is in config.ini
> in the [web] section and is named "http_auth". You need to set it to
> yes.
> Let us know if this helps!



Cheers! 
-- 
David Hancock | [hidden email] 

------------------------------------------------------------------------------

_______________________________________________
Roundup-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/roundup-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem passing credentials to Roundup xmlrpc endpoint

Ralf Schlatterbeck-3
On Fri, Nov 27, 2015 at 12:56:42PM +0000, Hancock, David (DHANCOCK) wrote:
> Hmm, this was already set to "yes" and isn't working. Is there
> something I need to configure in Apache to pass basic_auth through?

Hmm, probably yes, I'm on the road in some minutes, no time to look. The
setup I'm using (which also uses wsgi behind apache) uses kerberos auth
which falls back to basic auth if configured. So I have no basic-auth
setup here I can look at...

Maybe that helps?:
http://stackoverflow.com/questions/13377103/http-basic-auth-using-mod-wsgi
Roundup should already do the auth, so maybe you need to set
WSGIPassAuthorization in your wsgi config

Ralf
--
Dr. Ralf Schlatterbeck                  Tel:   +43/2243/26465-16
Open Source Consulting                  www:   http://www.runtux.com
Reichergasse 131, A-3411 Weidling       email: [hidden email]

------------------------------------------------------------------------------
_______________________________________________
Roundup-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/roundup-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Problem passing credentials to Roundup xmlrpc endpoint

Hancock, David (dhancock)
In reply to this post by Hancock, David (dhancock)
Many thanks. Simply adding "WSGIPassAuthorization On" in the Apache configuration, followed by a restart, took care of the problem.

>>> import xmlrpclib
>>> url = 'http://dhancock:password@localhost/support/xmlrpc'
>>> srv = xmlrpclib.ServerProxy(url, allow_none=True)
>>> srv.lookup('user', 'implact')
'326'
>>>

Thank you again.

Cheers! 
-- 
David Hancock | [hidden email] 

Ralf Schlatterbeck wrote:
On Fri, Nov 27, 2015 at 12:56:42PM +0000, Hancock, David (DHANCOCK) wrote:
> Hmm, this was already set to "yes" and isn't working. Is there
> something I need to configure in Apache to pass basic_auth through?

Hmm, probably yes, I'm on the road in some minutes, no time to look. The
setup I'm using (which also uses wsgi behind apache) uses kerberos auth
which falls back to basic auth if configured. So I have no basic-auth
setup here I can look at...

Maybe that helps?:
http://stackoverflow.com/questions/13377103/http-basic-auth-using-mod-wsgi
Roundup should already do the auth, so maybe you need to set
WSGIPassAuthorization in your wsgi config


------------------------------------------------------------------------------

_______________________________________________
Roundup-users mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/roundup-users
Loading...