On 29. Aug, 2013, at 3:54, Olemis Lang wrote: > Hi ! > > Lately I've been working on the functional test suite of Bloodhound > RPC plugin and I stumbled upon a few facts regarding the use of tracd, > which I need for the functional test suite. What I'm doing now is > basically to enhance the existing test suite to introduce the concept > of functional tester applied to RPC. > > http://rpc.blood-hound.net/changeset/ba8a5d71df6d/rpc > http://rpc.blood-hound.net/changeset/818dce534d81/rpc
> > If you take a look into the details then you'll notice that RPC > testers are mixins enhancing the usual functional testers by adding > methods useful to instantiate RPC server proxy objects. Using it to > enhancing BloodhoundFunctionalTester class is the obvious next step > but ... there is a subtle dichotomy . > > 1. the regular Bloodhound functional test run starts tracd wit no auth > because that's managed by trachacks:AccountManagerPlugin , and thereby > RPC requests won't be authenticated > * this is recommended in the installation procedure > https://issues.apache.org/bloodhound/wiki/BloodhoundInstall > 2. since BH default install uses digest files for passwords, it's > straightforward to recommend the same auth scheme for RPC, therefore > the logical conclusion for the default test suite would be to > start tracd by supplying --auth param , but ... > * ... by doing so it's impossible to log in to the BH site under test > because requests sent to /login path are intercepted by tracd > auth middlewares. > * as a consequence functional tester login will always halt > * and in real deployments based on tracd (if any) this means that > either trachacks:AccountManager will be useless or it will be > impossible to perform authenticated RPC requests. > > (My) conclusions are that in spite of making auth compatible with BH > default install tracd must be modified in such a way that /login path > will be excluded of HTTP digest auth zone , as opposite to everything > else under that path e.g. /login/rpc > > The question is how to achieve this ? By introducing a new parameter > in tracd ? By supplying a regular expression ? Any other suggestions ? > Does this deserve to be backported to Trac (afaict, this will be an > issue for similar Trac deployments too) ? Would it help to use the HttpAuthPlugin[1] for this? At least this seems to be the recommended procedure[2] when using the XmlRpcPlugin with AccountManager. If that's not a viable option, how about injecting our own (new) middleware on top of AccountManager in order to intercept and pre-process /login requests? [1] - http://trac-hacks.org/wiki/HttpAuthPlugin [2] - http://trac-hacks.org/ticket/3598 -- matevz > > PS: BTW, is there any plan for milestone:"Release 8" to enhance the > changesets view ? > > -- > Regards, > > Olemis - @olemislc > > Apache™ Bloodhound contributor > http://issues.apache.org/bloodhound > http://blood-hound.net > > Blog ES: http://simelo-es.blogspot.com/ > Blog EN: http://simelo-en.blogspot.com/ > > Featured article:
