Hi, Gary. Thanks for getting back to me.
Yes, I tried /bloodhound/login, and that works for me. /bloodhound/([^/]+/)?login works for me too. Thanks! - Chris Harris From: Gary Martin [mailto:gary.mar...@wandisco.com] Sent: Monday, March 16, 2015 6:25 PM To: user@bloodhound.apache.org Subject: Re: "/bloodhound/[^/]+/login" Hi Chris, Sorry about the delay. I should probably take some time to look into what the exact issue is but here are my initial thoughts. If you are just after a regex that will match /bloodhound/login you could experiment with just using /bloodhound/login in that location. If it turns out it is better to keep some of the flavour of what the original LocationMatch is attempting, the next obvious thing would be to try /bloodhound/([^/]+/)?login or something that allows for 0 or 1 matches of the whole section. It is quite possible that this is a mistake in our documentation and the intention of the match is so that you can serve a set of trac projects such that the [^/]+ is matching the trac project while we are only really intending there to be a single trac project (with one or more bloodhound products). I'll have to investigate a bit further but I hope that is of some use. Cheers, Gary On 10 March 2015 at 23:01, Harris, Christopher P <chris_har...@baxter.com<mailto:chris_har...@baxter.com>> wrote: After some Googling, I read the following: ([^/]+) Which means match text of 1 or more characters until a forward slash is found. So, that would match a URL such as: http://localhost/bloodhound/blah/login So, I tried the following: /bloodhound/[^/]*/login …but that didn’t work either. Basic auth is effectively disabled, and I’m not greeted with a Basic auth dialog box by the browser. Do I really need “/bloodhound/[^/]+/login” as my RegEx pattern to catch whatever it is that the Trac/Bloodhound authors intend for me to catch? - Chris Harris From: Harris, Christopher P Sent: Tuesday, March 10, 2015 5:42 PM To: 'user@bloodhound.apache.org<mailto:user@bloodhound.apache.org>' Subject: "/bloodhound/[^/]+/login" Hi. Since I started using Bloodhound, around v0.4, I’ve had issues with the RegEx pattern "/bloodhound/[^/]+/login" that’s defined in my Apache HTTPd web server’s virtual hosts config. Specifically, my issue is that it never works! If I click on the Login link on the Bloodhound home page, I’m redirected to the login page, but I’m not greeted with a basic auth dialog box by the browser. Yes, my basic auth creds from previous sessions are being cleared…in case that’s what you’re thinking. Ironically, I’ve had much success with IE 8 in regard to clearing my basic auth credentials. I’ve only had success with the following RegEx patterns: /bloodhound/login <-- this pattern being the most ideal out of these 2 patterns /bloodhound Still, I can circumvent the basic auth dialog box if I type in more than 1 forward slash in between bloodhound and before login. That’s not ideal. I think I understand that the pattern in question means to catch URL’s that have any number of forward slashes after bloodhound and before login. Ex – http://localhost/bloodhound//////login<http://localhost/bloodhound/login> Is my understanding correct? I know…this is not exactly Bloodhound-specific. It’s more Apache HTTPd-specific or RegEx-specific. In any case, can someone please explain to me why "/bloodhound/[^/]+/login" is not working? Here’s my httpd-vhosts.conf (and, in any case, I can at least share my working config that auths with Active Director groups in Apache 2.4 ☺ ): WSGIPythonHome C:/apache/bloodhound/installer/bloodhound WSGIPythonPath C:/apache/bloodhound/installer/bloodhound/site;C:/apache/bloodhound/installer/bloodhound/Lib/site-packages #****NOTE****The following virtual host uses mod_authz_ldap.so to handle auth access to Bloodhound. # Go to http://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html for documentation. <VirtualHost *:80> WSGIScriptAlias /bloodhound C:/apache/bloodhound/installer/bloodhound/site/cgi-bin/trac.wsgi <Directory C:/apache/bloodhound/installer/bloodhound/site/cgi-bin> WSGIApplicationGroup %{GLOBAL} Require all granted <Files trac.wsgi> Require all granted </Files> </Directory> LogLevel debug <LocationMatch "/bloodhound/[^/]+/login"> AuthLDAPURL "ldap://<the_host>:3268/<the_search_base>?<the_attribute>?sub?(objectClass=<the_object_class>)" AuthLDAPBindDN "<the_bind_dn>” AuthLDAPBindPassword "<the_password>" LDAPReferrals Off AuthType Basic AuthName "Bloodhound - Please Provide Your Credentials" AuthBasicProvider ldap Require ldap-group <the_ldap_group> AuthLDAPGroupAttribute member AuthLDAPGroupAttributeIsDN on </LocationMatch> </VirtualHost> - Chris Harris The information transmitted is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or legally privileged material. Delivery of this message to any person other than the intended recipient(s) is not intended in any way to waive privilege or confidentiality. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. For Translation: http://www.baxter.com/email_disclaimer The information transmitted is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or legally privileged material. Delivery of this message to any person other than the intended recipient(s) is not intended in any way to waive privilege or confidentiality. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. For Translation: http://www.baxter.com/email_disclaimer The information transmitted is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or legally privileged material. Delivery of this message to any person other than the intended recipient(s) is not intended in any way to waive privilege or confidentiality. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from any computer. For Translation: http://www.baxter.com/email_disclaimer