Bug 682319

Summary: cannot log into kojiweb with Negotiate authentication
Product: [Fedora] Fedora EPEL Reporter: Ken Dreyer <ktdreyer>
Component: kojiAssignee: Dennis Gilmore <dennis>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: el5CC: avi.kivity, dcantrell, mikem, tuju
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-02-21 16:18:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ken Dreyer 2011-03-04 20:17:32 UTC 
Description of problem:
When using Kerberos for Negotiate authentication to EPEL5's Kojiweb, mod_python returns "400 Bad Request".

Using:
koji-web-1.6.0-1.el5
mod_python-3.2.8-3.1

This is the result of https://bugzilla.redhat.com/431684 .

I was able to hack Kojiweb's publisher to simply drop the Authorization header before passing it on to mod_python. This is not as robust as fixing mod_python itself, but it at least fixes Kojiweb in my use case.

--- publisher.py.orig	2011-03-04 14:34:01.000000000 -0500
+++ publisher.py	2011-03-04 14:51:07.000000000 -0500
@@ -36,4 +36,8 @@
 mod_python.publisher.publish_object = publish_object
 
 def handler(req):
+    # mod_python in EL5 breaks on non-basic auth.
+    # https://bugzilla.redhat.com/431684
+    if req.headers_in.has_key("Authorization"):
+       del req.headers_in["Authorization"]
     return mod_python.publisher.handler(req)
Comment 2 Dennis Gilmore 2017-02-21 16:18:22 UTC 
considering that everyone should be using mod_wsgi now Ia m going to close this as wontfix