[Buildbot-devel] Authentication of http based communication

exarkun at twistedmatrix.com exarkun at twistedmatrix.com
Tue May 4 18:06:32 UTC 2010

On 05:38 pm, bhearsum at mozilla.com wrote:
>I would bet that most people that want authentication on WebStatus 
>benefit by putting it behind an httpd proxy, and having that do the
>auth. No need for Buildbot to re-implement all of that stuff, IMHO.

This makes things a lot harder than they need to be.  First, now you 
need another http server.  To actually work, it needs to know about all 
of buildbot's URLs.  You have to update it every time you update 
buildbot and any of the URL structure changes (ie, a new capability is 
added at a new URL and needs to be restricted).  For proper logging to 
work, buildbot would still need to be extended to recognize some auth 
header passed along from the proxy, or you're forced to try to re- 
combine logs from the two different servers.

Not that I expect anyone to go and implement proper authentication in 
buildbot for me, but it'd be nice if people didn't kid themselves into 
believing that using a proxy is necessarily (or even probably) a better 


More information about the devel mailing list