Bug 135660 - basic http authentication implementation
Summary: basic http authentication implementation
Status: ASSIGNED
Alias: None
Product: Spacewalk
Classification: Community
Component: Clients   
(Show other bugs)
Version: 2.5
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Tomáš Kašpárek
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Keywords: FutureFeature
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-10-14 06:49 UTC by Alan Milligan
Modified: 2016-06-09 10:39 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch (1.52 KB, patch)
2004-10-14 06:54 UTC, Alan Milligan
no flags Details | Diff

Description Alan Milligan 2004-10-14 06:49:18 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510

Description of problem:
The rpclib/connections/transports has been completely unncessary since
xmlrpclib entered the standard Python distibution (version 2.0 I believe)

I am presently agitating strongly to remove this entirely from
up2date.  One of the prime motivators for this is of course a proper
implementation of basic http authentication using the delivered
xmlrpclib functionality.

This can and should replace the laughable proxyUser/proxyPassword and
Proxy-Authentication HTTP header that is supposedly (but not) generated.

In order to use this feature, simply do the following in
/etc/sysconfig/rhn/up2date:

serverUrl=https://enoch_root:secret@xmlrpc.rhn.redhat.com/XMLRPC

Whilst, you may be yet to take advantage of this feature, it very
suscinctly ties up2date to our customer portal at
https://rpm.last-bastion.net

Version-Release number of selected component (if applicable):
rhnlib-1.8-6.p23.fc3

How reproducible:
Always

Steps to Reproduce:
1. if you want it, edit your serverUrl ...
2. 
3.
    

Additional info:

Comment 1 Alan Milligan 2004-10-14 06:54:06 UTC
Created attachment 105186 [details]
patch

Yes, it really IS this simple ...

Comment 2 Mihai Ibanescu 2004-10-14 13:21:18 UTC
Makes sense.

rpclib has too much legacy from older releases.

Please file a separate bug if the proxy authentication header is
supposedly (but not) generated. As far as I know, this currently works.

Comment 3 Mihai Ibanescu 2004-10-14 13:51:29 UTC
# WAM implement BASIC HTTP AUTHENTICATION

what exactly does WAM stand for?

Comment 4 Alan Milligan 2004-10-14 15:21:35 UTC
Ahh, I initialised my comments so I could grep them if necessary.

Comment 5 Alan Milligan 2004-12-11 18:16:58 UTC
Hi, we'd really like to see this patch in FC4 please!

Comment 6 Mihai Ibanescu 2004-12-12 02:48:36 UTC
The patch is in the codebase, together with a bunch of other changes
that I did for rhnlib. I will release it ASAP. Thanks for your patience.

Comment 7 Alan Milligan 2005-05-23 16:32:14 UTC
Hi,

I was under the impression that this fix had been released.  Can you please
confirm as I do not see if reflected in rhnlib-1.8.6.p24.1 at all.

Comment 8 Mihai Ibanescu 2005-09-30 19:32:19 UTC
I was still testing rhnlib, so didn't release a newer version, and then I
convinced myself I did push the patch out, I guess.

Comment 9 Miroslav Suchý 2016-06-09 10:00:31 UTC
This is ooold bug. Which slipped from our radar. Forwarding to upstream to confirm if it is fixed in current code.

Comment 10 Alan Milligan 2016-06-09 10:39:32 UTC
I don't recall myself: it was for up2date/classic.  I vaguely recollect that Satellite was ignoring all authentication headers past login form (ie open slather) and another of my client patches forced continued passing/checking of those.  That one got accepted ASAP ...


Note You need to log in before you can comment on or make changes to this bug.