Comments (16)
Did you try to use a user/password known to the system?
On 28 October 2013 15:53, John Dyer [email protected] wrote:
I am playing around w/ this project and I am getting an auth error locally
jdyer@retina:~ » repoclient -s localhost -p 8080 create foo 1 ↵
<title>Apache Tomcat/7.0.40 - Error report</title><style></style>
ERROR: Got unexpected status code 401. Expected 201.
The server said:HTTP Status 401 - Full authentication is required to access this resource
type Status report
message Full authentication is required to access this resource
description This request requires HTTP authentication.
Apache Tomcat/7.0.40
jdyer@retina:~ »What is the default username / password ?
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/29
.
from yum-repo-server.
@schlomo , no I hadn't tried that yet, but I just did and it didn't work
from yum-repo-server.
See
https://github.com/ImmobilienScout24/yum-repo-server/blob/master/src/main/resources/security-context.xml,
it should be using PAM. Are you on Linux?
On 28 October 2013 16:28, John Dyer [email protected] wrote:
I did, but it's not working...
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/29#issuecomment-27221646
.
from yum-repo-server.
Per default we use 2 authentication methods.
- PAM authentication via libpam4j using the 'password-auth' service
- Whitelisted hosts that can be configured via -Dsecurity.whitelist.hosts=10.X.X.X,testserver.local
If you want to use different authentication mechanisms, you have to modify security-context.xml like Schlomo said.
from yum-repo-server.
Hi,
I'm running yum-repo-server on a jetty instance. I created a configuration.properties file which sets mongodb host and security.whitelist.hosts:
cat $JETTY_HOME/webapps/ROOT/WEB-INF/classes/configuration.properties
mongodb.serverlist=localhost
security.whitelist.hosts=localhost,127.0.0.1.10.0.2.15
The mongodb parameter is picked up as it should be. If I delete the parameter yum-repo-server won't start because it's a required param.
The whitelist.hosts param doesn't do what I expected it to do. I installed yum-repo-client on the same machine. If I create a repo using the PAM authentication it works just fine.
But since I want to script the upload of RPM's an interactive way of authentication isn't what I want so I hoped the whitelist could tackle that one. Unfortunately it doesn't in my case:
$ repoclient create test-repo
ERROR: Got unexpected status code 401. Expected 201.
The server said:
## HTTP ERROR 401
Problem accessing /repo/. Reason:
Full authentication is required to access this resource
* * *
_Powered by Jetty://_
* * *
> <body>
Any ideas what I'm doing wrong?
from yum-repo-server.
The whitelist should to what you want, problem could be that there is a dot between the two ip addresses and not a comma
localhost,127.0.0.1.10.0.2.15
from yum-repo-server.
Hi I hoped it was that easy, but after I changed it to:
security.whitelist.hosts=localhost,127.0.0.1,10.0.2.15
The issue is still the same I'm afraid..
repoclient create test-repo
ERROR: Got unexpected status code 401. Expected 201.
The server said:
## HTTP ERROR 401
Problem accessing /repo/. Reason:
Full authentication is required to access this resource
* * *
_Powered by Jetty://_
* * *
> <body>
from yum-repo-server.
Hm, did you try to give the hostname instead of localhost, i think we do a Reverse lookup. Sorry can not check the code right now. Oli
Von meinem iPhone gesendet
Am 26.04.2014 um 13:30 schrieb Jan Collijs [email protected]:
Hi I hoped it was that easy, but after I changed it to:
security.whitelist.hosts=localhost,127.0.0.1,10.0.2.15
The issue is still the same I'm afraid..repoclient create test-repo
ERROR: Got unexpected status code 401. Expected 201.
The server said:HTTP ERROR 401
Problem accessing /repo/. Reason:
Full authentication is required to access this resource
Powered by Jetty://
— Reply to this email directly or view it on GitHub.
from yum-repo-server.
@visibilityspots I use the hostname in my whitelist config and i can upload RPM:s without interactive authentication. You may also have to restart the application after a config change.
from yum-repo-server.
It does not work by changing to the hostname overhere.
After every change I do restart the jetty server so the modified configuration could be picked up..
but the command repoclient create still refuses because of Full authentication is required to the resource..
from yum-repo-server.
Hm, maybe it helps to change logging settings for HostnameResolver to see
against what hostname the whitelist Filter checks.
add the next three lines to the log4j.xml file.
should deliver a log output like :
resolved hostname for {} is {}
where in place ot the first {} it should be what the server read from the
request, and the second {} is the resulting hostname usde for hostname
validation.
In our config I see, that we use full qualified host names, by the way.
2014-04-28 11:43 GMT+02:00 Jan Collijs [email protected]:
It does not work by changing to the hostname overhere.
After every change I do restart the jetty server so the modified
configuration could be picked up..—
Reply to this email directly or view it on GitHubhttps://github.com//issues/29#issuecomment-41539935
.
from yum-repo-server.
Hi,
the output of the log is as follows when I try to create a repo with the fqdn in the security.whitelist.hosts:
2014-04-28 18:33:43,482 DEBUG [host=] [user=] de.is24.infrastructure.gridfs.http.utils.HostnameResolver - resolved hostname for 0:0:0:0:0:0:0:1 is 0:0:0:0:0:0:0:1
from yum-repo-server.
This looks like an IPv6 Address, try adding this address to your whitelist.
2014-04-28 20:47 GMT+02:00 Jan Collijs [email protected]:
Hi,
the output of the log is as follows when I try to create a repo with the
fqdn in the security.whitelist.hosts:2014-04-28 18:33:43,482 DEBUG [host=] [user=] de.is24.infrastructure.gridfs.http.utils.HostnameResolver - resolved hostname for 0:0:0:0:0:0:0:1 is 0:0:0:0:0:0:0:1
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/29#issuecomment-41597451
.
from yum-repo-server.
And your machine does not seam to be able to lookup the loopback
address 0:0:0:0:0:0:0:1
to localhost.
Just adding some unit tests to cover this case.
2014-04-28 21:33 GMT+02:00 Oliver Schmitz-Hennemann [email protected]:
This looks like an IPv6 Address, try adding this address to your whitelist.
2014-04-28 20:47 GMT+02:00 Jan Collijs [email protected]:
Hi,
the output of the log is as follows when I try to create a repo with the
fqdn in the security.whitelist.hosts:2014-04-28 18:33:43,482 DEBUG [host=] [user=] de.is24.infrastructure.gridfs.http.utils.HostnameResolver - resolved hostname for 0:0:0:0:0:0:0:1 is 0:0:0:0:0:0:0:1
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/29#issuecomment-41597451
.
from yum-repo-server.
IP detection was not working for IPv6, see commit for issue #41.
travis build is green, should work now (matching localhost)
2014-04-28 22:22 GMT+02:00 Oliver Schmitz-Hennemann [email protected]:
And your machine does not seam to be able to lookup the loopback address 0:0:0:0:0:0:0:1
to localhost.
Just adding some unit tests to cover this case.2014-04-28 21:33 GMT+02:00 Oliver Schmitz-Hennemann [email protected]:
This looks like an IPv6 Address, try adding this address to your whitelist.
2014-04-28 20:47 GMT+02:00 Jan Collijs [email protected]:
Hi,
the output of the log is as follows when I try to create a repo with the
fqdn in the security.whitelist.hosts:2014-04-28 18:33:43,482 DEBUG [host=] [user=] de.is24.infrastructure.gridfs.http.utils.HostnameResolver - resolved hostname for 0:0:0:0:0:0:0:1 is 0:0:0:0:0:0:0:1
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/29#issuecomment-41597451
.
from yum-repo-server.
yes, it works now. Now I can start finalizing my puppet-modules for both client and server and looking in the functionality.
Thanks a lot for the time and effort you've spent to solve this! I really appreciate it!
from yum-repo-server.
Related Issues (20)
- Make yum-repo-server work in a non-root context HOT 4
- styles in ui broken HOT 1
- Allow multiple load balancer between client and yum-repo-server HOT 1
- deleting obsolete RPMs creates orphan yum entries (without files)
- Virtual Repo creation HOT 10
- How Could i set it up in CentOS? HOT 17
- Allow to distinguish a "successfull" delete from a "there was nothing therer" delete on a file delete request HOT 1
- deleting a static repo shows repo in repo overview page, but click leads to a 404 HOT 1
- Allow additional configuration for URL rewriting
- Propagation from external repositories HOT 3
- make yum-repo-server-repos dnf compatible HOT 1
- RepoMetadataScheduler stops on/after Problems with MongoDB HOT 3
- Redirection to a server which has sub directories which are symbolic links HOT 4
- Cannot install behind firewall HOT 11
- virtual repo redirected to ext repo fails, when ext repo has rpm packages under 2 or more nested directories HOT 1
- show Changelog in RPM-info view HOT 3
- File type detection is buggy
- DEFAULT_MAX_KEEP_RPMS should be configurable HOT 3
- build fails with master HOT 1
- RPMs are downloaded from WebUI as f.txt HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from yum-repo-server.