172962 – Yum doesn't support http authentication

Bug 172962 - Yum doesn't support http authentication

Summary: Yum doesn't support http authentication

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	yum
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jeremy Katz
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-11-11 16:49 UTC by Trevor Davenport
Modified:	2014-01-21 22:53 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-04-19 20:21:01 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Trevor Davenport 2005-11-11 16:49:51 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20051018 Epiphany/1.8.2

Description of problem:
Yum doesn't support http authentication.  At my work we use websense for a web filtering service.  It supports asking what user in on a computer if it cannot transparently identify who is logged onto a computer so it can give them the proper policy.  Since yum doesn't support http authentication, in order to update you must first open a web browser and authenticate and then start the update. This  works but in 15 minutes when the it checks for authentication again it will again cause a problem (it blocks all traffic until it gets a response).

Version-Release number of selected component (if applicable):
yum-2.4.0-10

How reproducible:
Always

Steps to Reproduce:
I'm not sure how to reproduce in a non websense enviroment but I would imagine a yum repo that is behind anything that require http authentication would show this bug.

Additional info:

Comment 1 Seth Vidal 2005-11-11 18:09:16 UTC

Does this system act as a proxy?

Can you use yum's proxy authentication capability to do this?

otherwise - if it is just using basic http auth you could:

baseurl=http://username:password@somehost/path/to/repo

Comment 2 Trevor Davenport 2005-11-11 18:48:39 UTC

no, proxy authentication does not work for this and the problem with baseurl
method is that the response for authentication come form a different host then
the one your are connecting to so supplying them in the baseurl gives them to
the wrong host.  Not to mention that then passwords are written in planetext in
files that are normally world readable though I suppose you could restrict it to
only root.  Old versions of yum (well, when yum was on yellowdog linux anyway
don't remember what version though) then it has this capability and it worked
out quite well where it would just prompt of username and password rather then
just start to fail.

Comment 3 Jeremy Katz 2006-04-19 20:21:01 UTC

We're not going to add interactive prompting for username and passwords for web
access -- it can be specified in the config.  If you need to prompt for some
reason, then write a wrapper script to create the yum.conf with that info and
then nuke it after use.

Note You need to log in before you can comment on or make changes to this bug.