Univention Bugzilla – Bug 44906
Credentials are not used if URI is specified
Last modified: 2023-01-06 10:59:32 CET
TL;DR; repository/online/component/…/{username,password} are not used if repository/online/component/…/server contains an URI. Case (1): repository/online/component/…/username=myuser repository/online/component/…/password=secret repository/online/component/…/server=somehost.example.com → OK: works as intended, if the server returns "401 Auth required" the credentials from …/{username,password} are sent and the repo is configured correctly Case (2): repository/online/component/…/username=myuser repository/online/component/…/password=secret repository/online/component/…/server=https://somehost.example.com → FAIL: does not work: no credentials are sent, therefore requests are rejected by the repo-server it's not possible to configure the repo this way Case (3): repository/online/component/…/username=myuser repository/online/component/…/password=secret repository/online/component/…/server=http://somehost.example.com → FAIL: dito, see https:// above Case (4): repository/online/component/…/username=unused repository/online/component/…/password=unused repository/online/component/…/server=https://myuser:secret@somehost.example.com → OK: works, but I think none of the code in UCS is prepared for this configuration (OX license management, UMC module "repository settings", ...) Case (5): repository/credentials/AUTH-REALM-OF-REPO/username=myuser repository/credentials/AUTH-REALM-OF-REPO/password=secret repository/credentials/AUTH-REALM-OF-REPO/uris=somehost.example.com repository/online/component/…/username=unused repository/online/component/…/password=unused repository/online/component/…/server=https://somehost.example.com → OK: works for all repos on somehost.example.com if the AUTH-REALM-OF-REPO is matching I think case (2) and (3) should also work. E.g. OX is affected by this issue.
This issue has been filed against UCS 4.2. UCS 4.2 is out of maintenance and many UCS components have changed in later releases. Thus, this issue is now being closed. If this issue still occurs in newer UCS versions, please use "Clone this bug" or reopen it and update the UCS version. In this case please provide detailed information on how this issue is affecting you.
UCS 5 will drop most of this anyway.
customer 44145 asked if we can switch the customer repo to use https. this still fails even when using repository/online/component/customername/server='https://service.software-univention.de' Result: # Configuration error: credentials not accepted: min-brandenburg Interestingly the OX-part is solved in the meantime repository/online/component/someoxcomponent/server: https://software.open-xchange.com the only difference is that the customer-repo is using repository/online/component/customername/parts: maintained
This bug is tagged with "workaround is available" but I can not see any workaround mentioned (even though I could assume manual administration e.g. by adding a line to /etc/apt/sources.list).
(In reply to Dirk Ahrnke from comment #4) > This bug is tagged with "workaround is available" but I can not see any > workaround mentioned (even though I could assume manual administration e.g. > by adding a line to /etc/apt/sources.list). Do *not* put a URL into repository/online/component/$comp/server, but a plain FQHN. Then also set …/{prefix,username,password}.
*** This bug has been marked as a duplicate of bug 55044 ***