My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 1862: Continuous redirects when using http authentication
4 people starred this issue and may be notified of changes. Back to list
Status:  Submitted
Owner:  sop@google.com
Closed:  Apr 2013


Sign in to add a comment
 
Reported by peregryn...@gmail.com, Apr 9, 2013
************************************************************
***** NOTE: THIS BUG TRACKER IS FOR GERRIT CODE REVIEW *****
***** DO NOT SUBMIT BUGS FOR CHROME, ANDROID, INTERNAL *****
***** ISSUES WITH YOUR COMPANY'S GERRIT SETUP, ETC.    *****
***** THOSE ISSUE BELONG IN DIFFERENT ISSUE TRACKERS!  *****
************************************************************

Affected Version: 2.6-rc0

What steps will reproduce the problem?
1. create new instance of gerrit with http authentication and reverse proxy
2. enter url http://gerrit.pc-tito-mint/ in the browser
3. enter user name and password

What is the expected output? What do you see instead?
I should see the main gerrit page, but instead the browser is constantly reloading url http://gerrit.pc-tito-mint/#

Please provide any additional information below.

I tried the latest stable version and the same configuration worked. It looks like a regression in the latest version.

gerrit.conf:
[gerrit]
	basePath = /home/gerrit2/repo
	canonicalWebUrl = http://gerrit.pc-tito-mint/
[database]
	type = mysql
	hostname = localhost
	database = reviewdb
	username = gerrit2
[auth]
	type = HTTP
[sendemail]
	smtpServer = <SMTP SERVER>
	smtpUser =
	from = <FROM ADDRESS>
[container]
	user = gerrit2
	javaHome = /usr/lib/jvm/java-7-openjdk-i386/jre
[sshd]
	listenAddress = *:29418
[httpd]
	listenUrl = proxy-http://127.0.0.1:8081/
[cache]
	directory = cache 

apache configuration:
<VirtualHost *:80>
	ServerName gerrit.pc-tito-mint

	ProxyRequests Off
	ProxyVia Off
	ProxyPreserveHost On

	<Proxy *>
	    Order deny,allow
	    Allow from all
	</Proxy>

	<Location /login/>
	    AuthType Basic
	    AuthName "Gerrit Code Review"
	    AuthUserFile /etc/apache2/users
	    AuthGroupFile /etc/apache2/groups
	    Require group review
	    Order deny,allow
	    Allow from all
	</Location>

	ProxyPass / http://127.0.0.1:8081/
</VirtualHost>

Apr 22, 2013
#1 sop@google.com
(No comment was entered for this change.)
Labels: 2.6
Apr 22, 2013
#2 sop@google.com
(No comment was entered for this change.)
Labels: -2.6 Blocking-2.6
Apr 23, 2013
#3 kvp...@gmail.com
Same issue in 2.6-rc1
Apr 23, 2013
#4 sop@google.com
Reproduced this loop locally, it seems like a bug in HttpAuthFilter.
Status: Accepted
Owner: sop@google.com
Apr 23, 2013
#5 sop@google.com
The bug was introduced in eb81d926:

commit eb81d926bf22da43be01c3e693b8698e1be91a91
Author: Shawn Pearce <sop@google.com>
Date:   Tue Mar 12 07:18:03 2013 -0700

    Verify session matches container authentiation header
    
    If the user alters their identity in the container invalidate
    the Gerrit user session and force a new one to begin.
    
    Bug:  issue 1822 
    Change-Id: Id438576f2e8a2d06dce92806f1698a7ca53d999e

Apr 23, 2013
#6 sop@google.com
https://gerrit-review.googlesource.com/44930
Status: ChangeUnderReview
Apr 24, 2013
#7 sop@google.com
(No comment was entered for this change.)
Status: Submitted
Labels: -Blocking-2.6 FixedIn-2.6
Sign in to add a comment

Powered by Google Project Hosting