Theoretically speaking, you could have arbitrary realms, usernames and passwords to keep track of. They don't have anything to do with the application credential info. So, I am not sure that inferring the basic auth credentials from the app credentials is a good idea. I am not even sure this is something that a tool like RBTool should concern itself with.
On Tuesday, June 24, 2014 2:02:59 PM UTC-7, Christian Hammond wrote: > > I think the ideal solution is to not require passing in the > http_basic_auth structure, but rather allowing it to work with the existing > username and password data. It may require a new realm option, though. I > haven’t looked into it enough. > > Christian > > -- > Christian Hammond - [email protected] <javascript:> > Review Board - http://www.reviewboard.org > Beanbag, Inc. - http://www.beanbaginc.com > > On June 24, 2014 at 1:59:06 PM, Pierre Mariani ([email protected] > <javascript:>) wrote: > > Christian, > > Thank you for your response. I understand that this is a very rare use > case. > > You are correct, I don't need to create a new password manager. I modified > the code to use the existing ReviewBoardHTTPPasswordMgr. > > Relevant code is now: > > # Set up the HTTP libraries to support all of the features we need. > password_mgr = ReviewBoardHTTPPasswordMgr(self.url, > username, > password, > auth_callback, > otp_token_callback) > #### new > if http_basic_auth: > http_basic_auth_list = json_loads(http_basic_auth) > for auth_data in http_basic_auth_list: > password_mgr.add_password(auth_data['realm'], > self.url, > auth_data['username'], > auth_data['password']) > ##### done > > > self.preset_auth_handler = PresetHTTPAuthHandler(self.url, > password_mgr) > > handlers = [] > > On Tuesday, June 24, 2014 1:08:52 PM UTC-7, Christian Hammond wrote: >> >> Hi Pierre, >> >> It’s not well-supported. At one point, it did work, but it appears to be >> very rare that people have this sort of setup, since most will use LDAP or >> ActiveDirectory or something if they want centralized authentication. >> >> Just out of curiosity, how much further do you get if oyu change >> ReviewBoardHTTPPasswordMgr.find_user_password to accept your realm? >> >> Christian >> >> -- >> Christian Hammond - [email protected] >> Review Board - http://www.reviewboard.org >> Beanbag, Inc. - http://www.beanbaginc.com >> >> On June 23, 2014 at 11:38:27 PM, Pierre Mariani ([email protected]) >> wrote: >> >> We use Review Board at work. It is installed on a web server that >> is protected by HTTP Basic Authentication. >> >> We haven't been able to use RBTools to interact with it as we >> couldn't find the right configuration to pass this authentication >> wall. >> >> After looking through the code, I didn't see how it could be >> configured at all, and came to the conclusion that this feature >> wasn't supported. >> >> I also didn't find an obvious way to modify >> ReviewBoardHTTPBasicAuthHandler or ReviewBoardHTTPPasswordMgr to >> add that feature. >> >> I resorted to defining a new server option, and passing it >> through RBClient, SyncTransport and finally to ReviewBoardServer, >> where it is used to define a new urllib2.HTTPBasicAuthHandler >> which gets added to the list of handlers. >> You can see the diff at >> https://github.com/pmariani/rbtools/compare/basic-auth-hack >> >> It's hacky but good enough for my use case. However, I would >> rather not maintain a fork and would like to be able to push >> similar changes back to the main RBTools repo. >> >> Can someone confirm that HTTP Basic Authentication isn't currently >> supported >> in RBTools? >> >> Are there design resources that would let me adapt my hack to >> something acceptable by the project? >> >> Thank you >> >> >> -- >> Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ >> --- >> Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ >> --- >> Happy user? Let us know at http://www.reviewboard.org/users/ >> --- >> You received this message because you are subscribed to the Google Groups >> "reviewboard" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> >> -- > Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ > --- > Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ > --- > Happy user? Let us know at http://www.reviewboard.org/users/ > --- > You received this message because you are subscribed to the Google Groups > "reviewboard" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > For more options, visit https://groups.google.com/d/optout. > > -- Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/ --- Sign up for Review Board hosting at RBCommons: https://rbcommons.com/ --- Happy user? Let us know at http://www.reviewboard.org/users/ --- You received this message because you are subscribed to the Google Groups "reviewboard" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
