Return-Path: 
 <user-return-256-apmail-bloodhound-user-archive=bloodhound.apache.org@bloodhound.apache.org>
X-Original-To: apmail-bloodhound-user-archive@www.apache.org
Delivered-To: apmail-bloodhound-user-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 2A4C410E30
	for <apmail-bloodhound-user-archive@www.apache.org>;
 Tue, 11 Mar 2014 18:00:20 +0000 (UTC)
Received: (qmail 91590 invoked by uid 500); 11 Mar 2014 18:00:19 -0000
Delivered-To: apmail-bloodhound-user-archive@bloodhound.apache.org
Received: (qmail 91499 invoked by uid 500); 11 Mar 2014 18:00:11 -0000
Mailing-List: contact user-help@bloodhound.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@bloodhound.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@bloodhound.apache.org>
List-Post: <mailto:user@bloodhound.apache.org>
List-Id: <user.bloodhound.apache.org>
Reply-To: user@bloodhound.apache.org
Delivered-To: mailing list user@bloodhound.apache.org
Received: (qmail 90981 invoked by uid 99); 11 Mar 2014 18:00:08 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Mar 2014 18:00:08 +0000
X-ASF-Spam-Status: No, hits=-0.7 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of abbatemp@gmail.com designates
 209.85.216.170 as permitted sender)
Received: from [209.85.216.170] (HELO mail-qc0-f170.google.com)
 (209.85.216.170)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 11 Mar 2014 18:00:04 +0000
Received: by mail-qc0-f170.google.com with SMTP id e9so10088041qcy.29
        for <user@bloodhound.apache.org>;
 Tue, 11 Mar 2014 10:59:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=message-id:date:from:user-agent:mime-version:to:cc:subject
         :references:in-reply-to:content-type:content-transfer-encoding;
        bh=b8efmzxQyEjhZJArPiFWRI7N4jrf/yYW/r115coAiOo=;
        b=yedCrrn6/dC9Ax99SqFnZkyboInmPvaDc5jxec/y86y26A7S06DI+8R/s4L45qNNam
         Hcsj/Z5INM98IL0qDwgfm8urIlVuL+SCCwQ93oenjJ2B0FywwE3CxbKsIyfnXtXoxF9W
         Ie66ngS+Gjkf0rEvEC1Mky55+9gZNA0CzX68hRjk8uapnB/kqVaX+dP05Kiwamj8+0JH
         WkAekvqXFX7jau75gw7FKdHw8YQq3t6BEhH/X6PnXhboN5BXrDcCBcv/c/KC3WuVl5Ho
         wvCyDFoEuosqnbyE0/wnJ+3MHJhsJzT9XabeBF7e411VpYBqldGwsoGqQKc2expRNHhu
         S1lQ==
X-Received: by 10.224.99.3 with SMTP id s3mr4420028qan.84.1394560783603;
        Tue, 11 Mar 2014 10:59:43 -0700 (PDT)
Received: from Rachel-PC.home (pool-72-74-242-183.bstnma.fios.verizon.net.
 [72.74.242.183])
        by mx.google.com with ESMTPSA id
 q10sm70140919qaj.13.2014.03.11.10.59.42
        for <multiple recipients>
        (version=TLSv1 cipher=RC4-SHA bits=128/128);
        Tue, 11 Mar 2014 10:59:43 -0700 (PDT)
Message-ID: <531F4F0E.5090502@gmail.com>
Date: Tue, 11 Mar 2014 13:59:42 -0400
From: Mark Abbate <abbatemp@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:17.0) Gecko/20130514 Thunderbird/17.0.6
MIME-Version: 1.0
To: user@bloodhound.apache.org
CC: Olemis Lang <olemis@gmail.com>
Subject: Re: xmlrpc auth question
References: <531E3203.2070608@gmail.com>
 <CAGMZAuN4+2jRh+FDCR8h0day01TyJ_ssagHtQhhycor70nEUSA@mail.gmail.com>
In-Reply-To: 
 <CAGMZAuN4+2jRh+FDCR8h0day01TyJ_ssagHtQhhycor70nEUSA@mail.gmail.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 8bit
X-Virus-Checked: Checked by ClamAV on apache.org

Hi Olemis

Great, thanks for the explanation and the links.

If I understand, I can continue my prototyping test with tracd and the 
*ridiculous* permissions for anonymous, but when it gets deployed with 
apache the auth should work for the xmlrpc.

It looks like I could also use the patch you submitted.

Below is the ticket creation code using the apache XmlRpcClient 3.1.3, 
running with BH 0.8dev.
Next I need to add a ticket modify call to perform assignment etc.

Best
Mark

import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Vector;

import org.apache.xmlrpc.client.XmlRpcClient;
import org.apache.xmlrpc.client.XmlRpcClientConfigImpl;
import org.apache.xmlrpc.serializer.*;

import com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable;

public class BHhook {

/**
* @param args
*/
public static void main(String[] args) {

System.out.println("osps bloodhound ticket creation");

try {
XmlRpcClientConfigImpl xmlRpcClientConfig = new XmlRpcClientConfigImpl();
xmlRpcClientConfig.setServerURL(new URL(
"http://leela:8000/main/products/P1/login/xmlrpc"));

// not applicable for tracd
xmlRpcClientConfig.setBasicEncoding("UTF-8");
xmlRpcClientConfig.setBasicUserName("user");
xmlRpcClientConfig.setBasicPassword("pass");
xmlRpcClientConfig.setEncoding("UTF-8");

XmlRpcClient xmlRpcClient = new XmlRpcClient();
xmlRpcClient.setConfig(xmlRpcClientConfig);

Vector params = new Vector();
params.addElement(new String("java rpc description"));
params.addElement(new String("java rpc comment"));

/*
* https://github.com/moses-smt/mosesdecoder/blob/master/contrib/server
* /SampleClient.java The XML-RPC data type <struct> can be
* represented using HashMap.
*/
HashMap<String, String> sParams = new HashMap<String, String>();
String textToTranslate = new String("some text to translate .");
sParams.put("product", "mercer");
sParams.put("categories", "acat");
/*
* But the XmlRpcClient.execute method doesn't accept Hashmap
* (pParams). It's either Object[] or List.
*/
Object[] structparams = new Object[] { null };
structparams[0] = sParams;

// add the struct to the params vector
params.addElement(structparams[0]);

// 4th parm: do or don't send notification
params.add(Boolean.FALSE);
Object result = xmlRpcClient.execute("ticket.create", params);

int ticketID = ((Integer) result).intValue();
System.out.println("The new ticketID is: " + ticketID);

return;
} catch (Throwable t) {
t.printStackTrace();
return;
}
}
}

On 03/10/2014 06:25 PM, Olemis Lang wrote:
>
>
> On Mon, Mar 10, 2014 at 4:43 PM, Mark Abbate <abbatemp@gmail.com 
> <mailto:abbatemp@gmail.com>> wrote:
>
>     Hello All
>
>
> Hi !
> :)
>
>     I am stuck on xmlrpc auth.
>
>     I am using 0.8dev and the latest xmlrpc plugin, with sqlite and
>     the builtin server.
>
>
> tracd you mean ? If so , this is a known issue . There's a candidate 
> solution proposed in this ticket for Trac [2]_
>
>     I am using the apache xmlrpc java libs and I am also using
>     chrome-postman to cross-check.
>
>
> jftr , see this sample code [1]_ . I tested against a BH 0.8-dev 
> instance (powered by apache2 web server , btw) and it works as 
> expected with minor modifications.
>
>     I *think* that the only way I can create a ticket using xmlrpc or
>     postman is by using this URL:
>     http://leela:8000/OSPS/products/mercer/login/xmlrpc
>     and by giving anonymous TRAC_ADMIN and XML_RPC permissions.
>
>
> that's a combination of permissions I honestly do not recommend
>
>
>     I cannot get this URL to work:
>     http://leela:8000/OSPS/login/rpc
>
>
> that URL seems to belong in the global environment , you should not 
> have tickets there in deployments by default , but in products .
>
>
>     The log output shows:
>     2014-03-10 16:10:07,696 Trac[web_ui] DEBUG: RPC(XML-RPC) call by
>     'anonymous'
>     despite creating valid basic auth headers in postman, or in the
>     java xmlrpc code.
>     The log output ends with:
>     ServiceException: ServiceException details : columns product, id
>     are not unique
>
>
> What version of BH are you running ?
>
>     If I log in from another tab in the browser, and then use postman,
>     I get the same error but I do see my login name:
>     2014-03-10 16:14:46,459 Trac[web_ui] DEBUG: RPC(XML-RPC) call by
>     'mabbate'
>     (That user does have TRAC_ADMIN and XML_RPC permissions)
>
>
> This is documented in [2]_ . What happens (with tracd) is that there 
> is no way to challenge the RPC client when requesting 
> /products/P/login/.* . The only possible URLs supported by the tracd 
> auth mechanism is /login/* which leads you to the global env .
>
>     So, how can I use xmlrpc with a non-anonymous user to avoid giving
>     giving anonymous those permissions?
>
>
> ... with tracd there's no hope as long as something is done about [2]_ 
> . AFAICR I proposed a patch for BH but it is not committed in /trunk .
> Sorry
>
>     I have looked around, read this:
>     https://groups.google.com/forum/#!msg/trac-users/lPnrfSOSmoo/6jmUIYqdttkJ
>     <https://groups.google.com/forum/#%21msg/trac-users/lPnrfSOSmoo/6jmUIYqdttkJ>
>     but that's over my head at this point. The fundamental issue seems
>     similar, the http server is defaulting to anonymous.
>     I saw the note about use of AccountManagerPlugIn. I am using
>     "TracAccountManager 0.4.3 User account management plugin for Trac"
>     so I did add as suggested.
>     [account-manager]
>     environ_auth_overwrite = false
>
>
> jftr ... it's a lower level issue with tracd . Like I just said , it 
> will not force the RPC client to send a challenge
>
> [...]
>
> .. [1] http://trac-hacks.org/attachment/ticket/11108/TracRpcApache.java
>
> .. [2] http://trac.edgewall.org/ticket/11287
>
> -- 
> Regards,
>
> Olemis - @olemislc
>
> Apache� Bloodhound contributor
> http://issues.apache.org/bloodhound
> http://blood-hound.net
>
> Blog ES: http://simelo-es.blogspot.com/
> Blog EN: http://simelo-en.blogspot.com/
>
> Featured article:
>
>