[Buildbot-devel] WebStatus issue: Warning: Ignoring authentication. Search for 'authorization' in the manual

Amber Yust ayust at yelp.com
Sat Dec 25 00:59:35 UTC 2010 

I'd suggest using apache to proxy buildbot's webstatus and then keeping the
real one firewalled off.

~Amber (sent from Droid, please forgive any typos!)
On Dec 24, 2010 4:11 PM, <ariasgore at gmx.de> wrote:
> Hi,
> thanks for the hint. This seem to work for the single actions possible,
like shutdown, force rebuild and so on but this still exposes the console,
etc to the public web.
> You can see the changesource path, the builders and so on.
>
> I thought providing htaccess could allow me to protected the entire view
from public.
>
> Buildbot is on a vserver exposed to the internet but all resources should
be available to logged in users (apache, trac, buildbot)
> while I can handle apache and trac via apache config buildbot creates its
own server which seems to be quite open minded.
>
> So is there a known way how to require a valid htaccess login to be able
to see anything?
> Otherwise buildbot would be quite unhandy for teams coorporating via
internet.
>
> Thanks
> Sam
>
> -------- Original-Nachricht --------
>> Datum: Fri, 24 Dec 2010 12:26:47 -0800
>> Von: Amber Yust <ayust at yelp.com>
>> An: ariasgore at gmx.de
>> Betreff: Re: [Buildbot-devel] WebStatus issue: Warning: Ignoring
authentication. Search for \'authorization\' in the manual
>
>> To clarify - this bit:
>>
>> authz = Authz(auth=auth, default_action="auth")
>>
>> ~Amber (sent from Droid, please forgive any typos!)
>> On Dec 24, 2010 12:25 PM, "Amber Yust" <ayust at yelp.com> wrote:
>> > Authz doesn't have to be simple - you could probably explicitly
>> construct
>> an
>> > authz with the auth object you were trying to use (what the part of
that
>> > else statement did, but without the allowforce bit).
>> >
>> > ~Amber (sent from Droid, please forgive any typos!)
>> > On Dec 24, 2010 10:58 AM, <ariasgore at gmx.de> wrote:
>> >> Hi,
>> >> well that would be more than bad since I do need to protected the
>> entire
>> > display of buildbot behind a password protection and I dont want to
>> > duplicate everything by using this more simple authz config stuff.
>> >>
>> >> Is there another way? My apache is already password protected but how
>> do
>> I
>> > deal with the server user access management of buildbot?
>> >>
>> >> Thanks
>> >> Sam
>> >>
>> >> -------- Original-Nachricht --------
>> >>> Datum: Fri, 24 Dec 2010 08:25:26 -0800
>> >>> Von: Amber Yust <ayust at yelp.com>
>> >>> An: ariasgore at gmx.de
>> >>> CC: buildbot-devel at lists.sourceforge.net
>> >>> Betreff: Re: [Buildbot-devel] WebStatus issue: Warning: Ignoring
>> > authentication. Search for \'authorization\' in the manual
>> >>
>> >>> @param auth: deprecated; use with authz
>> >>>
>> >>> I don't believe 'auth' is being supported anymore; the entire branch
>> > aside
>> >>> from the 'if authz' is there for backwards compatibility.
>> >>>
>> >>> ~Amber
>> >>>
>> >>> On Fri, Dec 24, 2010 at 7:31 AM, <ariasgore at gmx.de> wrote:
>> >>>
>> >>> > Hello,
>> >>> > I am on buildbot 0.8.3 and there seems to be some weirdness. I
tried
>> >>> using
>> >>> > authentication via:
>> >>> >
>> >>> > from buildbot.status.web.auth import HTPasswdAuth
>> >>> > auth = (HTPasswdAuth('/var/www/vhosts/.htpasswd'))
>> >>> > c['status'].append(html.WebStatus(http_port=8010, auth=auth))
>> >>> > (Thats from buildbot's manual!)
>> >>> >
>> >>> > Config fails with Warning: Ignoring authentication. Search for
>> >>> > 'authorization' in the manual
>> >>> >
>> >>> > Now I checked the manual and I see no issue. However the WebStatus
>> code
>> >>> > confuses me:
>> >>> >
>> >>> >
>> >>>
>> >
>>
http://buildbot.net/buildbot/docs/latest/reference/buildbot.status.web.baseweb-pysrc.html
>> >>> > Line 296 is the error message described here but when I trace the
>> code
>> >>> it
>> >>> > seems quite weird to me:
>> >>> >
>> >>> > 282 if authz:
>> >>> > ... not applicable since using auth
>> >>> > 288 else:
>> >>> > 289 # invent an authz
>> >>> > 290 if allowForce and auth:
>> >>> > 291 authz = Authz(auth=auth, default_action="auth")
>> >>> > 292 elif allowForce:
>> >>> > 293 authz = Authz(default_action=True)
>> >>> > 294 else:
>> >>> > 295 if auth:
>> >>> > 296 log.msg("Warning: Ignoring authentication.
>> >>> Search
>> >>> > for 'authorization'"
>> >>> > 297 " in the manual")
>> >>> > ...
>> >>> >
>> >>> > Can sb explain that to me? I mean I am in the else branch and
>> > allowForce
>> >>> is
>> >>> > marked as deprecated and should not be used so how comes that I do
>> need
>> >>> to
>> >>> > use allowForce when creating the webstatus???
>> >>> >
>> >>> > Thanks
>> >>> > Sam (confused)
>> >>> >
>> >>> >
>> >>> > --
>> >>> > GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt auch mit
>> >>> > gratis Notebook-Flat! http://portal.gmx.net/de/go/dsl
>> >>> >
>> >>> >
>> >>> >
>> >>>
>> >
>>
------------------------------------------------------------------------------
>> >>> > Learn how Oracle Real Application Clusters (RAC) One Node allows
>> >>> customers
>> >>> > to consolidate database storage, standardize their database
>> > environment,
>> >>> > and,
>> >>> > should the need arise, upgrade to a full multi-node Oracle RAC
>> database
>> >>> > without downtime or disruption
>> >>> > http://p.sf.net/sfu/oracle-sfdevnl
>> >>> > _______________________________________________
>> >>> > Buildbot-devel mailing list
>> >>> > Buildbot-devel at lists.sourceforge.net
>> >>> > https://lists.sourceforge.net/lists/listinfo/buildbot-devel
>> >>> >
>> >>
>> >> --
>> >> Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!
>> >> Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail
>
> --
> Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
> belohnen Sie mit bis zu 100,- Euro! https://freundschaftswerbung.gmx.de
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://buildbot.net/pipermail/devel/attachments/20101224/1b411c92/attachment.html>

More information about the devel mailing list