Bug 682319 - cannot log into kojiweb with Negotiate authentication
Summary: cannot log into kojiweb with Negotiate authentication
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: koji
Version: el5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Dennis Gilmore
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-03-04 20:17 UTC by Ken Dreyer
Modified: 2017-02-21 16:18 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-02-21 16:18:22 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Ken Dreyer 2011-03-04 20:17:32 UTC 
Description of problem:
When using Kerberos for Negotiate authentication to EPEL5's Kojiweb, mod_python returns "400 Bad Request".

Using:
koji-web-1.6.0-1.el5
mod_python-3.2.8-3.1

This is the result of https://bugzilla.redhat.com/431684 .

I was able to hack Kojiweb's publisher to simply drop the Authorization header before passing it on to mod_python. This is not as robust as fixing mod_python itself, but it at least fixes Kojiweb in my use case.

--- publisher.py.orig	2011-03-04 14:34:01.000000000 -0500
+++ publisher.py	2011-03-04 14:51:07.000000000 -0500
@@ -36,4 +36,8 @@
 mod_python.publisher.publish_object = publish_object
 
 def handler(req):
+    # mod_python in EL5 breaks on non-basic auth.
+    # https://bugzilla.redhat.com/431684
+    if req.headers_in.has_key("Authorization"):
+       del req.headers_in["Authorization"]
     return mod_python.publisher.handler(req)
Comment 2 Dennis Gilmore 2017-02-21 16:18:22 UTC 
considering that everyone should be using mod_wsgi now Ia m going to close this as wontfix
Note You need to log in before you can comment on or make changes to this bug.