Red Hat Bugzilla – Bug 135660
basic http authentication implementation
Last modified: 2016-06-09 06:39:32 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510
Description of problem:
The rpclib/connections/transports has been completely unncessary since
xmlrpclib entered the standard Python distibution (version 2.0 I believe)
I am presently agitating strongly to remove this entirely from
up2date. One of the prime motivators for this is of course a proper
implementation of basic http authentication using the delivered
This can and should replace the laughable proxyUser/proxyPassword and
Proxy-Authentication HTTP header that is supposedly (but not) generated.
In order to use this feature, simply do the following in
Whilst, you may be yet to take advantage of this feature, it very
suscinctly ties up2date to our customer portal at
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. if you want it, edit your serverUrl ...
Created attachment 105186 [details]
Yes, it really IS this simple ...
rpclib has too much legacy from older releases.
Please file a separate bug if the proxy authentication header is
supposedly (but not) generated. As far as I know, this currently works.
# WAM implement BASIC HTTP AUTHENTICATION
what exactly does WAM stand for?
Ahh, I initialised my comments so I could grep them if necessary.
Hi, we'd really like to see this patch in FC4 please!
The patch is in the codebase, together with a bunch of other changes
that I did for rhnlib. I will release it ASAP. Thanks for your patience.
I was under the impression that this fix had been released. Can you please
confirm as I do not see if reflected in rhnlib-1.8.6.p24.1 at all.
I was still testing rhnlib, so didn't release a newer version, and then I
convinced myself I did push the patch out, I guess.
This is ooold bug. Which slipped from our radar. Forwarding to upstream to confirm if it is fixed in current code.
I don't recall myself: it was for up2date/classic. I vaguely recollect that Satellite was ignoring all authentication headers past login form (ie open slather) and another of my client patches forced continued passing/checking of those. That one got accepted ASAP ...