| Issue 1862: | Continuous redirects when using http authentication | |
| 4 people starred this issue and may be notified of changes. | Back to list |
************************************************************ ***** NOTE: THIS BUG TRACKER IS FOR GERRIT CODE REVIEW ***** ***** DO NOT SUBMIT BUGS FOR CHROME, ANDROID, INTERNAL ***** ***** ISSUES WITH YOUR COMPANY'S GERRIT SETUP, ETC. ***** ***** THOSE ISSUE BELONG IN DIFFERENT ISSUE TRACKERS! ***** ************************************************************ Affected Version: 2.6-rc0 What steps will reproduce the problem? 1. create new instance of gerrit with http authentication and reverse proxy 2. enter url http://gerrit.pc-tito-mint/ in the browser 3. enter user name and password What is the expected output? What do you see instead? I should see the main gerrit page, but instead the browser is constantly reloading url http://gerrit.pc-tito-mint/# Please provide any additional information below. I tried the latest stable version and the same configuration worked. It looks like a regression in the latest version. gerrit.conf: [gerrit] basePath = /home/gerrit2/repo canonicalWebUrl = http://gerrit.pc-tito-mint/ [database] type = mysql hostname = localhost database = reviewdb username = gerrit2 [auth] type = HTTP [sendemail] smtpServer = <SMTP SERVER> smtpUser = from = <FROM ADDRESS> [container] user = gerrit2 javaHome = /usr/lib/jvm/java-7-openjdk-i386/jre [sshd] listenAddress = *:29418 [httpd] listenUrl = proxy-http://127.0.0.1:8081/ [cache] directory = cache apache configuration: <VirtualHost *:80> ServerName gerrit.pc-tito-mint ProxyRequests Off ProxyVia Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> <Location /login/> AuthType Basic AuthName "Gerrit Code Review" AuthUserFile /etc/apache2/users AuthGroupFile /etc/apache2/groups Require group review Order deny,allow Allow from all </Location> ProxyPass / http://127.0.0.1:8081/ </VirtualHost>
Apr 22, 2013
#1
sop@google.com
Labels:
2.6
Apr 22, 2013
(No comment was entered for this change.)
Labels:
-2.6 Blocking-2.6
Apr 23, 2013
Same issue in 2.6-rc1
Apr 23, 2013
Reproduced this loop locally, it seems like a bug in HttpAuthFilter.
Status:
Accepted
Owner: sop@google.com
Apr 23, 2013
The bug was introduced in eb81d926: commit eb81d926bf22da43be01c3e693b8698e1be91a91 Author: Shawn Pearce <sop@google.com> Date: Tue Mar 12 07:18:03 2013 -0700 Verify session matches container authentiation header If the user alters their identity in the container invalidate the Gerrit user session and force a new one to begin. Bug: issue 1822 Change-Id: Id438576f2e8a2d06dce92806f1698a7ca53d999e
Apr 24, 2013
(No comment was entered for this change.)
Status:
Submitted
Labels: -Blocking-2.6 FixedIn-2.6 |
|
| ► Sign in to add a comment |