Skip to content
This issue has been moved to a discussionGo to the discussion

indexer: user/password of the -U url not used to connect to Tomcat #3911

Closed
@sbouhnik

Description

@sbouhnik

Describe the bug
When setting user/password in the URL of the -U parameter, it's not used by the indexer to connect to Tomcat.

To Reproduce
Enable authentication in Tomcat and try to generate index

Expected behavior
Index working with authentication activated

Activity

vladak

vladak commented on Mar 29, 2022

@vladak
Member

Is the indexer running on the same machine as the web app ? If yes, see https://github.com/oracle/opengrok/wiki/Authorization-based-on-HTTP-Basic-Authentication , in particular the part about passing API calls. If not, see the same plus https://github.com/oracle/opengrok/wiki/Web-services#authenticationauthorization

sbouhnik

sbouhnik commented on Mar 31, 2022

@sbouhnik
Author
vladak

vladak commented on Mar 31, 2022

@vladak
Member

How does your authentication setup look like ? In the above mentioned wiki there is a piece of configuration that exempts the API end points (one of which is used by the indexer) from being subject to the authentication checks, specifically this part:

<security-constraint>
    <web-resource-collection>                                               
        <web-resource-name>API endpoints are checked separately by the web app</web-resource-name>
        <url-pattern>/api/*</url-pattern>                                   
    </web-resource-collection>                                              
</security-constraint>

This is fine to do because OpenGrok performs checks of most of the API locations by itself (as is actually noted in the web resource name) - however see the rest of the configuration on the wiki.

My point is that the basic auth information should not be necessary for the indexer to successfully reach the web app, if everything is configured correctly.

locked and limited conversation to collaborators on Jan 6, 2023
converted this issue into a discussion #4151 on Jan 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @vladak@sbouhnik

        Issue actions

          indexer: user/password of the -U url not used to connect to Tomcat · Issue #3911 · oracle/opengrok