Koji Web User Login Auth problem

Fri Jul 18 02:47:38 UTC 2008

Sorry...My setting is error....

PythonOption WebCert /root/genca/certs/kojiweb.pem -> PythonOption WebCert
/root/genca/kojiweb.pem

but...another messages is feeback..

Mod_python error: "PythonHandler mod_python.publisher"

Traceback (most recent call last):

  File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line
299, in HandlerDispatch
    result = object(req)

  File "/usr/lib/python2.4/site-packages/mod_python/publisher.py",
line 213, in handler
    published = publish_object(req, object)

  File "/usr/lib/python2.4/site-packages/mod_python/publisher.py",
line 412, in publish_object
    return publish_object(req,util.apply_fs_data(object, req.form, req=req))

  File "/usr/lib/python2.4/site-packages/mod_python/util.py", line
439, in apply_fs_data
    return object(**args)

  File "/usr/share/koji-web/scripts/index.py", line 144, in login
    if not _sslLogin(req, session, username):

  File "/usr/share/koji-web/scripts/index.py", line 56, in _sslLogin
    proxyuser=username)

  File "__init__.py", line 1233, in ssl_login

  File "__init__.py", line 1278, in callMethod

  File "__init__.py", line 1304, in _callMethod

AuthError: /C=TW/ST=Taiwan/O=OSSII/CN=web.ossii.com.tw/emailAddress=kevin.lin at ossii.com.tw
is not authorized to login other users

2008/7/18 Linul <kevin.linul at gmail.com>:

> Hi..
>
> I have already setup my koji-cli、 kojid、koji-hub、koji-web、kojira, and test
> ok,but still have a problem,it is web UI login
>
> I have already import the cert. when I login the Web UI, the messages is：
>
> Mod_python error: "PythonHandler mod_python.publisher"
>
> Traceback (most recent call last):
>
>   File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch
>
>     result = object(req)
>
>   File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 213, in handler
>     published = publish_object(req, object)
>
>   File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 412, in publish_object
>
>     return publish_object(req,util.apply_fs_data(object, req.form, req=req))
>
>   File "/usr/lib/python2.4/site-packages/mod_python/util.py", line 439, in apply_fs_data
>     return object(**args)
>
>   File "/usr/share/koji-web/scripts/index.py", line 144, in login
>
>     if not _sslLogin(req, session, username):
>
>   File "/usr/share/koji-web/scripts/index.py", line 56, in _sslLogin
>     proxyuser=username)
>
>   File "__init__.py", line 1232, in ssl_login
>
>   File "XMLRPCServerProxy.py", line 74, in __init__
>
>   File "SSLCommon.py", line 38, in CreateSSLContext
>
> StandardError: /root/genca/certs/kojiweb.pem does not exist or is not readable
>
> My kojiweb.conf：
>
>     PythonDebug On
>     PythonOption KojiHubURL http://koji.ossii.com.tw/kojihub
>     PythonOption KojiWebURL http://koji.ossii.com.tw/koji
>     PythonOption KojiPackagesURL http://koji.ossii.com.tw/koji/packages
>     #PythonOption WebPrincipal koji/kevin.lin at ossii.com.tw
>     #PythonOption WebKeytab /etc/httpd.keytab
>     #PythonOption WebCCache /var/tmp/kojiweb.ccache
>     PythonOption WebCert /root/genca/certs/kojiweb.pem
>     PythonOption ClientCA /root/genca/koji_ca_cert.crt
>     PythonOption KojiHubCA /root/genca/koji_ca_cert.crt
>
> My web user is "admin", and have a record in postgresql, also can user koji
> instruction as normal.
>
> and I create the web cert step is：
>
> openssl pkcs12 -export -inkey certs/admin.key -in certs/admin.crt -CAfile koji_ca_cert.crt \
>
> -out certs/admin_browser_cert.p12
>
>
> thanks..
>
>
> --
>
> =============================================================================
> 林毓能
> Linul
> RedHat Certified Engineer
>
> TsLG網路工作室：http://www.tslg.idv.tw
> TsLG城市午後：http://blog.tslg.idv.tw
> Linul攝影紀實：http://photo.tslg.idv.tw
> 手機：0939797462
> E-mail : kevin.linul at gmail.com; linul at tslg.idv.tw
> =============================================================================
>
>

-- 
=============================================================================
林毓能
Linul
RedHat Certified Engineer

TsLG網路工作室：http://www.tslg.idv.tw
TsLG城市午後：http://blog.tslg.idv.tw
Linul攝影紀實：http://photo.tslg.idv.tw
手機：0939797462
E-mail : kevin.linul at gmail.com; linul at tslg.idv.tw
=============================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-buildsys-list/attachments/20080718/bd093b5a/attachment.htm>