[users at bb.net] Fwd: How do you pass through authentication from Apache?
chrisspen at gmail.com
Wed Feb 15 16:53:12 UTC 2017
---------- Forwarded message ----------
From: Chris Spencer <chrisspen at gmail.com>
Date: Wed, Feb 15, 2017 at 11:50 AM
Subject: Re: [users at bb.net] How do you pass through authentication from
To: Pierre Tardy <tardyp at gmail.com>
So if I use RemoteUserAdmin, Buildbot shouldn't render the login dropdown
form at all?
This is my auth config:
authz = util.Authz(
util.RolesFromEmails(admins=["myuser at mydomain.com"])
c['www'] = dict(
but when I restart Buildbot, it shows "Anonymous" in the upper right-hand
side of the screen, and if I click on it, it shows a login form. How do I
stop Buildbot from rendering this?
On Wed, Feb 15, 2017 at 11:09 AM, Pierre Tardy <tardyp at gmail.com> wrote:
> The goal of RemoteUserAuth is to disable completely the login UI of
> buildbot, and let apache handle the authentication alone.
> Buildbot will get a header from Apache telling it which user is actually
> logged in.
> If you configured your apache correctly, you should never achive to get
> the buildbot UI unless you get a browser-based login prompt.
> Require valid-user is if I understand correctly what is
> need to implement such thing
> Also, please note that apache requires a specific configuration to allow
> websocket to work correctly
> Le mer. 15 févr. 2017 à 17:02, Chris Spencer <chrisspen at gmail.com> a
> écrit :
>> I'm not sure I understand. Anonymous users can definitely still see the
>> site from Apache in 0.9.*. I'm looking at my Buildbot server right now as
>> an anonymous user. It seems to hide a lot of details for anonymous users,
>> but it's still rendering the basic site, listing builders and recent
>> builds. By "show no output" I mean it should only render a login page and
>> nothing else if the user is not authenticated.
>> I tried the util.RemoteUserAuth but it doesn't seem to do anything.
>> Buildbot still requires I login via the on-screen user login dropdown, and
>> ignores the basic Http login I give to Apache.
>> Oddly, it also seems to ignore util.HTPasswdAuth(). If I enter a
>> username/password that I added to my htpasswd file into Buildbot's login
>> form, Buildbot still won't let me login through its web interface. Is there
>> some trick to getting an htpasswd file to work with Buildbot? There are no
>> errors reported in the twistd.log.
>> This is my Apache config:
>> <VirtualHost *:80>
>> ProxyPass / http://127.0.0.1:8010/
>> <Location />
>> AuthType Basic
>> AuthName "Buildbot"
>> AuthUserFile /usr/local/myproject/src/buildbot/htpasswd
>> Require valid-user
>> On Wed, Feb 15, 2017 at 3:50 AM, Pierre Tardy <tardyp at gmail.com> wrote:
>> Hi Chris,
>> What you are looking for is theRemoteUserAuth plugin
>> There is no more support for combination useHttpHeader + HTPasswdAprAuth,
>> which allowed apache authentication + anonymous access.
>> I am not sure exactly if this is what you mean by "show no output to an
>> anonymous user"
>> Le mer. 15 févr. 2017 à 07:21, Chris Spencer <chrisspen at gmail.com> a
>> écrit :
>> In 0.8.*, I was using http authentication in Apache to collect the
>> username/password and pass that through to Buildbot. I was doing that with:
>> However, in 0.9.*, there doesn't appear to be a HTPasswdAprAuth class or
>> a useHttpHeader option. Is there still a way to setup this type of
>> My goal is to show no output to an anonymous user.
>> users mailing list
>> users at buildbot.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users