Bug 656978

Summary: Unable to connect on repository using HTTP basic authentication
Product: Red Hat Enterprise Linux 5 Reporter: Alexandre Frandemiche <slobberbone>
Component: yumAssignee: packaging-team-maint
Status: CLOSED NEXTRELEASE QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: low    
Version: 5.5CC: james.antill, jon.burney, nphilipp, ralph, ssimpson
Target Milestone: rc   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-14 15:26:52 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Alexandre Frandemiche 2010-11-24 11:02:38 EST
Description of problem:

Man page of yum.con :

You  can  use  HTTP  basic  auth by prepending "user:password@" to the server name in the baseurl line.  For example: "baseurl=http://user:passwd@example.com/".

If you do that, the repository doesn't work whereas the same repository file on Fedora 14 works.

Version-Release number of selected component (if applicable):
Yum 3.2.22-26.el5 on x86_64
Under CentOS 5.5 (with no update, so like REHL 5.5)

How reproducible:


Steps to Reproduce:
1.create a repository who works without http basic authentication
2.In your httpd.conf, add :
<Directory /var/www/repo>
    AuthType Basic
    AuthName "Password Required"
    AuthUserFile /etc/apache2/passwords/repo
    Require valid-user
3.Add a user to htpasswd :
htpasswd -c /../mypasswordsFile user
4.Finally, change your repository file in /etc/yum.repos.d like explain in man page :

Actual results:

Not Working
Comment 1 seth vidal 2010-11-29 15:56:05 EST
just to be sure - you can get to that repo via a web browser, right?
Comment 2 Alexandre Frandemiche 2010-11-30 02:38:41 EST
Yes of course, and the exactly same file.repo under Fedora 14 works perfectly !
Comment 3 James Antill 2013-03-14 15:26:52 EDT
 This may be fixed in later versions of RHEL-5, if not it should be in RHEL-6 (we fixed a number of weird cases for basic auth.)