bloodhound-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gary Martin <gary.mar...@wandisco.com>
Subject Re: "/bloodhound/[^/]+/login"
Date Tue, 17 Mar 2015 09:53:54 GMT
Chris,

That is great to hear! I'll still need to look into this further of course
​to see if there is an appropriate fix for our documentation. It might also
be nice for us to add specific notes for installing with LDAP but I'll need
to get a test setup for that. Thanks for prompting all this!

Cheers,
    Gary
​

On 17 March 2015 at 06:33, Harris, Christopher P <chris_harris@baxter.com>
wrote:

>  Hi, Gary.
>
>
>
> Thanks for getting back to me.
>
>
>
> Yes, I tried /bloodhound/login, and that works for me.
>
>
>
> /bloodhound/([^/]+/)?login works for me too.
>
>
>
> Thanks!
>
>
>
> -        Chris Harris
>
>
>
> *From:* Gary Martin [mailto:gary.martin@wandisco.com]
> *Sent:* Monday, March 16, 2015 6:25 PM
> *To:* user@bloodhound.apache.org
> *Subject:* Re: "/bloodhound/[^/]+/login"
>
>
>
> Hi Chris,
>
> Sorry about the delay. I should probably take some time to look into what
> the exact issue is but here are my initial thoughts.
>
> If you are just after a regex that will match /bloodhound/login you could
> experiment with just using /bloodhound/login in that location. If it turns
> out it is better to keep some of the flavour of what the original
> LocationMatch is attempting, the next obvious thing would be to try
> /bloodhound/([^/]+/)?login or something that allows for 0 or 1 matches of
> the whole section.
>
> It is quite possible that this is a mistake in our documentation and the
> intention of the match is so that you can serve a set of trac projects such
> that the [^/]+ is matching the trac project while we are only really
> intending there to be a single trac project (with one or more bloodhound
> products).
>
> I'll have to investigate a bit further but I hope that is of some use.
>
> Cheers,
>
>     Gary
>
>
>
> On 10 March 2015 at 23:01, Harris, Christopher P <chris_harris@baxter.com>
> wrote:
>
> After some Googling, I read the following:
>
> ([^/]+)
>
> Which means match text of 1 or more characters until a forward slash is
> found.
>
> So, that would match a URL such as:
>
> http://localhost/bloodhound/blah/login
>
>
>
>
>
> So, I tried the following:
>
> /bloodhound/[^/]*/login
>
> …but that didn’t work either.  Basic auth is effectively disabled, and I’m
> not greeted with a Basic auth dialog box by the browser.
>
>
>
> Do I really need “/bloodhound/[^/]+/login” as my RegEx pattern to catch
> whatever it is that the Trac/Bloodhound authors intend for me to catch?
>
>
>
> -        Chris Harris
>
>
>
> *From:* Harris, Christopher P
> *Sent:* Tuesday, March 10, 2015 5:42 PM
> *To:* 'user@bloodhound.apache.org'
> *Subject:* "/bloodhound/[^/]+/login"
>
>
>
> Hi.
>
>
>
> Since I started using Bloodhound, around v0.4, I’ve had issues with the
> RegEx pattern "/bloodhound/[^/]+/login" that’s defined in my Apache HTTPd
> web server’s virtual hosts config.
>
>
>
> Specifically, my issue is that it never works!
>
> If I click on the Login link on the Bloodhound home page, I’m redirected
> to the login page, but I’m not greeted with a basic auth dialog box by the
> browser.  Yes, my basic auth creds from previous sessions are being
> cleared…in case that’s what you’re thinking.  Ironically, I’ve had much
> success with IE 8 in regard to clearing my basic auth credentials.
>
>
>
> I’ve only had success with the following RegEx patterns:
>
> /bloodhound/login      ß this pattern being the most ideal out of these 2
> patterns
>
> /bloodhound
>
>
>
> Still, I can circumvent the basic auth dialog box if I type in more than 1
> forward slash in between bloodhound and before login.  That’s not ideal.
>
>
>
> I think I understand that the pattern in question means to catch URL’s
> that have any number of forward slashes after bloodhound and before login.
>
> Ex – http://localhost/bloodhound//////login
> <http://localhost/bloodhound/login>
>
>
>
> Is my understanding correct?
>
>
>
> I know…this is not exactly Bloodhound-specific.  It’s more Apache
> HTTPd-specific or RegEx-specific.
>
>
>
> In any case, can someone please explain to me why
> "/bloodhound/[^/]+/login" is not working?
>
>
>
> Here’s my httpd-vhosts.conf  (and, in any case, I can at least share my
> working config that auths with Active Director groups in Apache 2.4  J  ):
>
>
>
> WSGIPythonHome C:/apache/bloodhound/installer/bloodhound
>
> WSGIPythonPath
> C:/apache/bloodhound/installer/bloodhound/site;C:/apache/bloodhound/installer/bloodhound/Lib/site-packages
>
>
>
> #****NOTE****The following virtual host uses mod_authz_ldap.so to handle
> auth access to Bloodhound.
>
> # Go to http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html for
> documentation.
>
>
>
> <VirtualHost *:80>
>
>                WSGIScriptAlias /bloodhound
> C:/apache/bloodhound/installer/bloodhound/site/cgi-bin/trac.wsgi
>
>                <Directory
> C:/apache/bloodhound/installer/bloodhound/site/cgi-bin>
>
>                               WSGIApplicationGroup %{GLOBAL}
>
>                               Require all granted
>
>                               <Files trac.wsgi>
>
>                                              Require all granted
>
>                               </Files>
>
>                </Directory>
>
>                LogLevel debug
>
>                <LocationMatch "/bloodhound/[^/]+/login">
>
>                               AuthLDAPURL
> "ldap://<the_host>:3268/<the_search_base>?<the_attribute>?sub?(objectClass=<the_object_class>)"
>
>                               AuthLDAPBindDN "<the_bind_dn>”
>
>                               AuthLDAPBindPassword "<the_password>"
>
>                               LDAPReferrals Off
>
>
>
>                               AuthType Basic
>
>                               AuthName "Bloodhound - Please Provide Your
> Credentials"
>
>                               AuthBasicProvider ldap
>
>                               Require ldap-group <the_ldap_group>
>
>                               AuthLDAPGroupAttribute member
>
>                               AuthLDAPGroupAttributeIsDN on
>
>                </LocationMatch>
>
> </VirtualHost>
>
>
>
> -        Chris Harris
>
>
>
> The information transmitted is intended only for the person(s) or entity
> to which it is addressed and may contain confidential and/or legally
> privileged material. Delivery of this message to any person other than the
> intended recipient(s) is not intended in any way to waive privilege or
> confidentiality. Any review, retransmission, dissemination or other use of,
> or taking of any action in reliance upon, this information by entities
> other than the intended recipient is prohibited. If you receive this in
> error, please contact the sender and delete the material from any computer.
>
> For Translation:
>
> http://www.baxter.com/email_disclaimer
>
> The information transmitted is intended only for the person(s) or entity
> to which it is addressed and may contain confidential and/or legally
> privileged material. Delivery of this message to any person other than the
> intended recipient(s) is not intended in any way to waive privilege or
> confidentiality. Any review, retransmission, dissemination or other use of,
> or taking of any action in reliance upon, this information by entities
> other than the intended recipient is prohibited. If you receive this in
> error, please contact the sender and delete the material from any computer.
>
> For Translation:
>
> http://www.baxter.com/email_disclaimer
>
>
>
> The information transmitted is intended only for the person(s) or entity
> to which it is addressed and may contain confidential and/or legally
> privileged material. Delivery of this message to any person other than the
> intended recipient(s) is not intended in any way to waive privilege or
> confidentiality. Any review, retransmission, dissemination or other use of,
> or taking of any action in reliance upon, this information by entities
> other than the intended recipient is prohibited. If you receive this in
> error, please contact the sender and delete the material from any computer.
>
> For Translation:
>
> http://www.baxter.com/email_disclaimer
>

Mime
View raw message