search

bugy / script-server

Web UI for your scripts with execution management
Other
1.6k stars 250 forks source link

when using htpasswd with api , get Unauthorized #401

Open yosefy opened 3 years ago

yosefy commented 3 years ago

hi @bugy

using htpasswd username to login via UI work great

but

when running curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start

we get 

HTTP/1.1 401 Unauthorized
Server: TornadoServer/6.0.3
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Feb 2021 13:50:28 GMT
X-Frame-Options: DENY
Content-Length: 12
Vary: Accept-Encoding

Unauthorized

what do you say?

thanks

bugy commented 3 years ago

Hi, I'm afraid this is not supported. You still have to use the old flow: when you log in first, and then auth info is stored in cookies

yosefy notifications@github.com schrieb am So., 21. Feb. 2021, 14:57:

hi @bugy https://github.com/bugy

using htpasswd username to login via UI work great

but

when running curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start

we get

HTTP/1.1 401 Unauthorized Server: TornadoServer/6.0.3 Content-Type: text/html; charset=UTF-8 Date: Sun, 21 Feb 2021 13:50:28 GMT X-Frame-Options: DENY Content-Length: 12 Vary: Accept-Encoding

Unauthorized

what do you say?

thanks

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bugy/script-server/issues/401, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJXPJI7C5QOQXQGQHWM4SLTAEGNTANCNFSM4X7AIYTQ .

yosefy commented 3 years ago

thanks

do you think it will work with nginx htpasswd setup?

On Sun, Feb 21, 2021 at 4:18 PM Iaroslav Shepilov notifications@github.com wrote:

Hi, I'm afraid this is not supported. You still have to use the old flow: when you log in first, and then auth info is stored in cookies

yosefy notifications@github.com schrieb am So., 21. Feb. 2021, 14:57:

hi @bugy https://github.com/bugy

using htpasswd username to login via UI work great

but

when running curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start

we get

HTTP/1.1 401 Unauthorized Server: TornadoServer/6.0.3 Content-Type: text/html; charset=UTF-8 Date: Sun, 21 Feb 2021 13:50:28 GMT X-Frame-Options: DENY Content-Length: 12 Vary: Accept-Encoding

Unauthorized

what do you say?

thanks

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bugy/script-server/issues/401, or unsubscribe < https://github.com/notifications/unsubscribe-auth/AAJXPJI7C5QOQXQGQHWM4SLTAEGNTANCNFSM4X7AIYTQ

.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/bugy/script-server/issues/401#issuecomment-782865146, or unsubscribe https://github.com/notifications/unsubscribe-auth/ADCXF3JGJSKJ5NRZDCM5UMLTAEIZZANCNFSM4X7AIYTQ .

bugy commented 3 years ago

Yes, basic auth via nginx would work

yosefy notifications@github.com schrieb am So., 21. Feb. 2021, 16:53:

thanks

do you think it will work with nginx htpasswd setup?

On Sun, Feb 21, 2021 at 4:18 PM Iaroslav Shepilov < notifications@github.com> wrote:

Hi, I'm afraid this is not supported. You still have to use the old flow: when you log in first, and then auth info is stored in cookies

yosefy notifications@github.com schrieb am So., 21. Feb. 2021, 14:57:

hi @bugy https://github.com/bugy

using htpasswd username to login via UI work great

but

when running curl -i -u myuser:mypass -X POST -F '__script_name=SCRIPT_NAME' -F 'action=SCRIPT_ACTION' 192.168.0.2:5001/executions/start

we get

HTTP/1.1 401 Unauthorized Server: TornadoServer/6.0.3 Content-Type: text/html; charset=UTF-8 Date: Sun, 21 Feb 2021 13:50:28 GMT X-Frame-Options: DENY Content-Length: 12 Vary: Accept-Encoding

Unauthorized

what do you say?

thanks

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bugy/script-server/issues/401, or unsubscribe <

https://github.com/notifications/unsubscribe-auth/AAJXPJI7C5QOQXQGQHWM4SLTAEGNTANCNFSM4X7AIYTQ

.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <https://github.com/bugy/script-server/issues/401#issuecomment-782865146 , or unsubscribe < https://github.com/notifications/unsubscribe-auth/ADCXF3JGJSKJ5NRZDCM5UMLTAEIZZANCNFSM4X7AIYTQ

.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/bugy/script-server/issues/401#issuecomment-782879419, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAJXPJPZZNWBRFIKPXBENFDTAET7ZANCNFSM4X7AIYTQ .

bugy commented 1 year ago

Done, now basic auth can be used for htpassw and ldap auth. In this case username + password should be provided for every request