User passwords not being recognised at login

0
Greetings: GitStack looks great but I have an issue. I can create users and set passwords. These turn up in the passwdfile. When my users try to login, they are told that their password does not match. I have tried various types of password – from complex to simple – and they still cannot login. Looking at the code, it appears that passwords are generated by the Apache htpasswd utility and then resolved through the django.contrib.auth.views.login (at least, that’s what the form post calls). However, at this point I draw a blank. This installation is on Windows 2008 R2 Std Edition. Help? Thanks, David.
Tags: asked April 20, 2012

5 Answers

0
Are your users trying to clone a repository, or are they trying to login into the admin panel ?
0
Actually, they're just trying to authenticate for any action. I dug into the underlying GitStack Django app and it appears that something very strange happens in the authentication chain. Leaving aside the fact that I had to add in the Middleware and Backend service libraries to Django and that I also had to set an explicit <Location> in the WSGI conf that specified where the auth file was before I'd even see any attempt at RemoteUser authentication... When the GitStack app tries to authenticate a remote user, it instantiates an AuthenticationForm from django.contrib. This authentication form, effectively - and via various views/forms libraries, ends up at the contrib.auth __init__.py authenticate() function. This actually returns a valid user from the authentication against the Apache AuthFile. However, by the time the call traverses back up the chain to the auth.forms.py.AuthenticationForm.clean(), the user object has vanished and so GitStack assumes the user has failed to login. Deeply annoying and, to be fair, quite variable. Sometimes the above happens; other times a user object *is* returned to the aforementioned clean() method. In the latter case, on assignment to self.user_cache in that method, the user object magically becomes None. I'm going to ask the obvious question - why are you using HTTP_BASIC_AUTH here when you could so easily have used a proper authentication framework in (if you had to use it) Django? If it helps, my install is in a sub-sub-folder under it's own (as packaged) web server, PHP, etc. but is running against a discrete IP address on the same server as another Apache httpd instance (with it's own IP).   David.
0
OK. I uninstalled GitStack. Stopped my other Apache (httpd and Tomcat) servers. Reinstalled a fresh GitStack. Failed to start. Edited conf/gitphp.conf to point to my local PHP (C:/PHP). Started GitStack. Logged in. Created a user. Tried to login as that user from a remote machine. Failed - Username and Password do not match. Uninstalled GitStack. Started looking for an alternative that works. Thanks anyway, David.
0
"If it helps, my install is in a sub-sub-folder under it's own (as packaged) web server, PHP, etc. "

That's your issue. GitStack is bundled with Apache and has a very complex configuration which is modified at runtime (serving git repositories with granualar authentication is not a simple task).

If you would like to run multiple webservers on the same machine, please read this documentation : GitStack and other webservers
0
Read some other place, that it is only the admin that is allowed to enter the web administration. Though not clearly given (I thought something didn't work), I had no problem creating a repo with my admin, add my group to that repo, and git push to it from my workstation.

Your Answer

Please login to post questions.