#2371 closed defect (worksforme)
errordocument conflicts with trac
| Reported by: | Gijs van Dulmen | Owned by: | Christopher Lenz |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | web frontend/mod_python | Version: | 0.9 |
| Severity: | normal | Keywords: | |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description (last modified by )
I'm running Trac 0.9 with Mod Python and noticed something odd. I don't know however if this is Trac related, but it sure doesn't work in a way I thought it would be.
Running Debian.
apache2 -v output:
Server version: Apache/2.0.54 Server built: Sep 5 2005 11:11:08
Trac-admin output: trac-admin - The Trac Administration Console 0.9
Mod python version is 3.1.3
Apache2 config part which creates the odd situation:
<IfModule mod_negotiation.c>
<IfModule mod_include.c>
Alias /error/ "/usr/share/apache2/error/"
<Directory "/usr/share/apache2/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
</IfModule>
</IfModule>
I use this apache virtual host config for trac:
<VirtualHost *:443>
ServerName sub.domain.com
DocumentRoot /var/www/sub.domain.com/
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLOptions +StdEnvVars
Alias /trac /usr/share/trac/htdocs/
<Location />
SetHandler mod_python
PythonHandler trac.web.modpython_frontend
PythonOption TracEnv /var/www/sub.domain.com
PythonOption TracUriRoot /
suPHP_Engine Off
SecFilterEngine Off
</Location>
<Location /login>
AuthType Basic
AuthName "Trac - Project Management and Version Control"
AuthUserFile /etc/apache2/.htpasswd-svn
Require valid-user
SecFilterEngine Off
</Location>
<Location /trac>
SetHandler None
</Location>
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
LogLevel warn
</VirtualHost>
When I have it like this Trac issues this error when I want to login:
No handler matched request to /error/HTTP_UNAUTHORIZED.html.var
When I comment out this line in the apache config part:
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
It works OK.
A workaround which I got is adding this line in my virtualhost:
ErrorDocument 401 default
Then things will work Ok.
Hope someone can research this.
Attachments (0)
Change History (11)
comment:1 by , 18 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 18 years ago
For what it's worth, contacting Apache devs probably won't help - the ErrorDocument configuration that he pasted above is a custom tweak that's part of Debian. The core Apache doesn't ship anything like that (in fact, it doesn't ship ANY default customizations of ErrorDocument at all, instead defaulting to the hardcoded, and internal, error messages).
I would, however, look into mod_python a bit more. I had been debugging with this user earlier this morning in Freenode's #apache, and the minute he disabled the mod_python handlers, the /login URL worked successfully (by popping up an auth box). Failing to authenticate properly showed the 401 error message. Once mod_python was configured (per the Trac install docs), the auth box would not appear for any reason. That doesn't make much sense to me.
comment:3 by , 18 years ago
Sorry, "properly displayed the 403 error message" rather. (Ignore that whole sentence, actually. The point to take home is: disabling mod_python made Apache's HTTP auth work as intended).
comment:4 by , 18 years ago
In hindsight, I think the smarter solution is to disable the ErrorDocument 401 entirely. That is *far less hackish* than changing it to "default", which a user normally *is* authorized to see (it is akin to "lying", as it were).
comment:5 by , 18 years ago
To make things clear. I'm not the user that was in #apache this morning. Just another user experiencing this problem.
comment:6 by , 18 years ago
And is there even a way to disable the errordocument entirely ?
From Apache docs: "Additionally, the special value default can be used to specify Apache's simple hardcoded message. While not required under normal circumstances, default will restore Apache's simple hardcoded message for configurations that would otherwise inherit an existing ErrorDocument."
Isn't default like disabling it ? :)
comment:7 by , 18 years ago
Ah. My bad. This user had the *exact* same problem you did. Anyways, my apologies: I had assumed that "default" was some sort of Trac page, and not a setting in Apache. "default" is fine.
comment:9 by , 18 years ago
| Resolution: | → worksforme |
|---|---|
| Status: | new → closed |
Yes, add the line mentioned in the description:
ErrorDocument 401 default
comment:10 by , 17 years ago
geez this bug sucks. everything went fine on my server until I had this pb, and I spent 3 hours on it. Hope this information gets scattered around.
comment:11 by , 15 years ago
Adding this for people who might google this
Trac doesn't work with Virtual Hosts - Authentication information not available /login
http://groups.google.com/group/trac-users/browse_thread/thread/ac54f21e5a7de115?hl=en#
(fixing description)
The workaround suggested above seems reasonable since a 401 response will prompt the browser to display a login dialog so the page would never be seen by a user.
I guess another option is for Trac to provide a request handler for
/error/HTTP_UNAUTHORIZED.html.varthat would simply return a 401 response. I think we'll need to check with some Apache devs on this to see if there's a cleaner solution.