Replies: 3 comments
-
| Is the indexer running on the same machine as the web app ? If yes, see https://github.com/oracle/opengrok/wiki/Authorization-based-on-HTTP-Basic-Authentication , in particular the part about passing API calls. If not, see the same plus https://github.com/oracle/opengrok/wiki/Web-services#authenticationauthorization | 
Beta Was this translation helpful? Give feedback.
-
| Hi Vladimir,
Thanks for the  answer
But I think the issue is not in the config of tomcat. When I'm connecting
from a web client not in the local system it works.
Or if I'm passing the Basic authentication in curl it works also.
The issue is that the indexer is not filling the 'Authorization: Basic <>' in
the request therefore it's rejected by tomcat.
Regards,
Shmuel
web: https://wdp.harchoma.org.il/
… On Tue, 29 Mar 2022 at 13:44, Vladimir Kotal ***@***.***> wrote:
 Is the indexer running on the same machine as the web app ? If yes, see
 https://github.com/oracle/opengrok/wiki/Authorization-based-on-HTTP-Basic-Authentication
 , in particular the part about passing API calls. If not, see the same plus
 https://github.com/oracle/opengrok/wiki/Web-services#authenticationauthorization
 —
 Reply to this email directly, view it on GitHub
 <#3911 (comment)>,
 or unsubscribe
 <https://github.com/notifications/unsubscribe-auth/AGCRWD2HT7RPC2UOO4BPSBDVCLNJPANCNFSM5ROJSTVQ>
 .
 You are receiving this because you authored the thread.Message ID:
 ***@***.***>
 | 
Beta Was this translation helpful? Give feedback.
-
| How does your authentication setup look like ? In the above mentioned wiki there is a piece of configuration that exempts the API end points (one of which is used by the indexer) from being subject to the authentication checks, specifically this part: <security-constraint>
    <web-resource-collection>                                               
        <web-resource-name>API endpoints are checked separately by the web app</web-resource-name>
        <url-pattern>/api/*</url-pattern>                                   
    </web-resource-collection>                                              
</security-constraint>This is fine to do because OpenGrok performs checks of most of the API locations by itself (as is actually noted in the web resource name) - however see the rest of the configuration on the wiki. My point is that the basic auth information should not be necessary for the indexer to successfully reach the web app, if everything is configured correctly. | 
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Describe the bug
When setting user/password in the URL of the -U parameter, it's not used by the indexer to connect to Tomcat.
To Reproduce
Enable authentication in Tomcat and try to generate index
Expected behavior
Index working with authentication activated
Beta Was this translation helpful? Give feedback.
All reactions