Hi Olemis
Great, thanks for the explanation and the links.
If I understand, I can continue my prototyping test with tracd and the
*ridiculous* permissions for anonymous, but when it gets deployed with
apache the auth should work for the xmlrpc.
It looks like I could also use the patch you submitted.
Below is the ticket creation code using the apache XmlRpcClient 3.1.3,
running with BH 0.8dev.
Next I need to add a ticket modify call to perform assignment etc.
Best
Mark
import java.net.URL;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Vector;
import org.apache.xmlrpc.client.XmlRpcClient;
import org.apache.xmlrpc.client.XmlRpcClientConfigImpl;
import org.apache.xmlrpc.serializer.*;
import com.sun.org.apache.xalan.internal.xsltc.runtime.Hashtable;
public class BHhook {
/**
* @param args
*/
public static void main(String[] args) {
System.out.println("osps bloodhound ticket creation");
try {
XmlRpcClientConfigImpl xmlRpcClientConfig = new XmlRpcClientConfigImpl();
xmlRpcClientConfig.setServerURL(new URL(
"http://leela:8000/main/products/P1/login/xmlrpc";));
// not applicable for tracd
xmlRpcClientConfig.setBasicEncoding("UTF-8");
xmlRpcClientConfig.setBasicUserName("user");
xmlRpcClientConfig.setBasicPassword("pass");
xmlRpcClientConfig.setEncoding("UTF-8");
XmlRpcClient xmlRpcClient = new XmlRpcClient();
xmlRpcClient.setConfig(xmlRpcClientConfig);
Vector params = new Vector();
params.addElement(new String("java rpc description"));
params.addElement(new String("java rpc comment"));
/*
* https://github.com/moses-smt/mosesdecoder/blob/master/contrib/server
* /SampleClient.java The XML-RPC data type <struct> can be
* represented using HashMap.
*/
HashMap<String, String> sParams = new HashMap<String, String>();
String textToTranslate = new String("some text to translate .");
sParams.put("product", "mercer");
sParams.put("categories", "acat");
/*
* But the XmlRpcClient.execute method doesn't accept Hashmap
* (pParams). It's either Object[] or List.
*/
Object[] structparams = new Object[] { null };
structparams[0] = sParams;
// add the struct to the params vector
params.addElement(structparams[0]);
// 4th parm: do or don't send notification
params.add(Boolean.FALSE);
Object result = xmlRpcClient.execute("ticket.create", params);
int ticketID = ((Integer) result).intValue();
System.out.println("The new ticketID is: " + ticketID);
return;
} catch (Throwable t) {
t.printStackTrace();
return;
}
}
}
On 03/10/2014 06:25 PM, Olemis Lang wrote:
On Mon, Mar 10, 2014 at 4:43 PM, Mark Abbate <abbat...@gmail.com
<mailto:abbat...@gmail.com>> wrote:
Hello All
Hi !
:)
I am stuck on xmlrpc auth.
I am using 0.8dev and the latest xmlrpc plugin, with sqlite and
the builtin server.
tracd you mean ? If so , this is a known issue . There's a candidate
solution proposed in this ticket for Trac [2]_
I am using the apache xmlrpc java libs and I am also using
chrome-postman to cross-check.
jftr , see this sample code [1]_ . I tested against a BH 0.8-dev
instance (powered by apache2 web server , btw) and it works as
expected with minor modifications.
I *think* that the only way I can create a ticket using xmlrpc or
postman is by using this URL:
http://leela:8000/OSPS/products/mercer/login/xmlrpc
and by giving anonymous TRAC_ADMIN and XML_RPC permissions.
that's a combination of permissions I honestly do not recommend
I cannot get this URL to work:
http://leela:8000/OSPS/login/rpc
that URL seems to belong in the global environment , you should not
have tickets there in deployments by default , but in products .
The log output shows:
2014-03-10 16:10:07,696 Trac[web_ui] DEBUG: RPC(XML-RPC) call by
'anonymous'
despite creating valid basic auth headers in postman, or in the
java xmlrpc code.
The log output ends with:
ServiceException: ServiceException details : columns product, id
are not unique
What version of BH are you running ?
If I log in from another tab in the browser, and then use postman,
I get the same error but I do see my login name:
2014-03-10 16:14:46,459 Trac[web_ui] DEBUG: RPC(XML-RPC) call by
'mabbate'
(That user does have TRAC_ADMIN and XML_RPC permissions)
This is documented in [2]_ . What happens (with tracd) is that there
is no way to challenge the RPC client when requesting
/products/P/login/.* . The only possible URLs supported by the tracd
auth mechanism is /login/* which leads you to the global env .
So, how can I use xmlrpc with a non-anonymous user to avoid giving
giving anonymous those permissions?
... with tracd there's no hope as long as something is done about [2]_
. AFAICR I proposed a patch for BH but it is not committed in /trunk .
Sorry
I have looked around, read this:
https://groups.google.com/forum/#!msg/trac-users/lPnrfSOSmoo/6jmUIYqdttkJ
<https://groups.google.com/forum/#%21msg/trac-users/lPnrfSOSmoo/6jmUIYqdttkJ>
but that's over my head at this point. The fundamental issue seems
similar, the http server is defaulting to anonymous.
I saw the note about use of AccountManagerPlugIn. I am using
"TracAccountManager 0.4.3 User account management plugin for Trac"
so I did add as suggested.
[account-manager]
environ_auth_overwrite = false
jftr ... it's a lower level issue with tracd . Like I just said , it
will not force the RPC client to send a challenge
[...]
.. [1] http://trac-hacks.org/attachment/ticket/11108/TracRpcApache.java
.. [2] http://trac.edgewall.org/ticket/11287
--
Regards,
Olemis - @olemislc
Apacheā¢ Bloodhound contributor
http://issues.apache.org/bloodhound
http://blood-hound.net
Blog ES: http://simelo-es.blogspot.com/
Blog EN: http://simelo-en.blogspot.com/
Featured article:
