Skip to content
This repository has been archived by the owner on Nov 9, 2022. It is now read-only.

Deploying REST extensions fails with "basic" security #208

Closed
dmcassel opened this issue Apr 17, 2014 · 7 comments
Closed

Deploying REST extensions fails with "basic" security #208

dmcassel opened this issue Apr 17, 2014 · 7 comments
Assignees
@dmcassel
Labels
bug

Comments

@dmcassel
Copy link
Collaborator

When the target HTTP app server's authentication is set to "basic", the deploy modules command will fail when trying to deploy REST extensions. Contents of the source directory are deployed successfully.

The error message:

Loading REST extensions from /Users/dcassel/tmp/richard/rl-test/rest-api/ext

getting files for /Users/dcassel/tmp/richard/rl-test/rest-api/ext
params: ["method=get", "method=put", "method=post", "method=delete"]
extensionName: test
loading: /Users/dcassel/tmp/richard/rl-test/rest-api/ext/test.xqy
url: http://localhost:9140/v1/config/resources/test?method=get&method=put&method=post&method=delete
Roxy::Http : request failure count: 1, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : request failure count: 2, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : request failure count: 3, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : request failure count: 4, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : re-raising same error: localhost temporarily unavailable: (no implicit conversion of nil into String) -- error count: 4, error age: 0
ERROR: localhost temporarily unavailable: (no implicit conversion of nil into String)
ERROR: ["/Users/dcassel/tmp/richard/rl-test/deploy/lib/RoxyHttp.rb:345:in `block in request'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/RoxyHttp.rb:335:in `loop'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/RoxyHttp.rb:335:in `request'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/MLClient.rb:93:in `go'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/ml_rest.rb:78:in `block in install_extensions'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/ml_rest.rb:39:in `each'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/ml_rest.rb:39:in `each_with_index'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/ml_rest.rb:39:in `install_extensions'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/server_config.rb:888:in `deploy_modules'", "/Users/dcassel/tmp/richard/rl-test/deploy/lib/server_config.rb:446:in `deploy'", "deploy/lib/ml.rb:128:in `<main>'"]
dcassel@MacPro-2396: rl-test/ $
@dmcassel dmcassel added the bug label Apr 17, 2014
@dmcassel dmcassel self-assigned this Apr 17, 2014
dmcassel added a commit that referenced this issue Apr 17, 2014
@dmcassel
#208 fix deploying REST stuff with digest authentication
361dd65
@hutchkintoot
Copy link

I have similar problems when running tests via the command line with basic authentication. Switching to digest fixed the problem.

Roxy version 1.6 (dev-branch)

 ml local test
Roxy::Http : request failure count: 1, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : request failure count: 2, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : request failure count: 3, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : request failure count: 4, exception: #<TypeError: no implicit conversion of nil into String>
Roxy::Http : re-raising same error: localhost temporarily unavailable: (no implicit conversion of nil into String) -- error count: 4, error age: 0
ERROR: localhost temporarily unavailable: (no implicit conversion of nil into String)
ERROR: ["/Users/johmor/Documents/kb-workspace/archive-ml/deploy/lib/RoxyHttp.rb:352:in `block in request'", "/Users/johmor/Documents/kb-workspace/archive-ml/deploy/lib/RoxyHttp.rb:342:in `loop'", "/Users/johmor/Documents/kb-workspace/archive-ml/deploy/lib/RoxyHttp.rb:342:in `request'", "/Users/johmor/Documents/kb-workspace/archive-ml/deploy/lib/MLClient.rb:100:in `go'", "/Users/johmor/Documents/kb-workspace/archive-ml/deploy/lib/server_config.rb:591:in `test'", "deploy/lib/ml.rb:135:in `<main>'"]

@silviarausanu
Copy link

The problem still seems to reproduce using version 1.7.1.
I'm using a hybrid application, authentication: basic + external ldap. What I'm getting when I execute

$ ./ml local deploy modules -v
Loaded 107 documents from /home/silvia/eaml/kbb/src to 127.0.0.1:8051/kbb-modules at 01/28/2015 04:42:01 pm
[PUT]   http://1127.0.0.1:8050/v1/config/properties
ERROR: Invalid login credentials for integration environment!!

@grtjn
Copy link
Contributor

grtjn commented Jan 29, 2015

Make sure you have this in your properties:

authentication-method=basic

Next to this, internal security needs to be true for some reason. It is almost as if you either need to use ldap or internal auth, but can't use both despite what the docs tell us..

@silviarausanu
Copy link

I have specified the authentication-method as basic, but unfortunately, I'm using internal-security = false, and have an ldap connected.
So you're saying that in this case (external security + ldap) I should use applicationLevel authentication method (which indeed works for me at the deployment part, but causes me different problems) ?

Thank you!

@grtjn
Copy link
Contributor

grtjn commented Jan 30, 2015

No, I meant that according to the docs you should be able to use internal-security=true, and still be able to do both internal auth + external auth if the user was not found internally. But this doesn't work. That is a problem in ML itself.

Roxy uses ml.user/ml.password for bootstrap, deploy, etc. That needs to be an ML internal user. But if you try to deploy REST options/extensions against an app server that uses external ldap security, that same ml.user user probably doesn't exist in your LDAP directory, and doing PUT/POST to install extensions won't work.

You can either switch back and forth the internal security while doing deploy rest, or you need to enter an LDAP user as ml.user, and recreate that user in ML so that bootstrap works with it too.

@grtjn
Copy link
Contributor

grtjn commented Jan 30, 2015

Regarding switching back and forth of internal security, I am using this in app_specific.rb:

  # adjust REST security to allow deploy
  alias_method :original_deploy_rest, :deploy_rest
  def deploy_rest()
    r = execute_query %Q{
      xquery version "1.0-ml"; 

      import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy";

      let $config := admin:get-configuration()
      let $config := admin:appserver-set-internal-security($config, xdmp:server("#{@properties["ml.app-name"]}"), fn:true())
      return
        admin:save-configuration-without-restart($config)
    },
    { :app_name => @properties["ml.app-name"] }

    original_deploy_rest

    r = execute_query %Q{
      xquery version "1.0-ml"; 

      import module namespace admin = "http://marklogic.com/xdmp/admin" at "/MarkLogic/admin.xqy";

      let $config := admin:get-configuration()
      let $config := admin:appserver-set-internal-security($config, xdmp:server("#{@properties["ml.app-name"]}"), fn:false())
      return
        admin:save-configuration-without-restart($config)
    },
    { :app_name => @properties["ml.app-name"] }
  end

@istvannagy
Copy link

@grtjn, thanks for your reply. The proposed solution is working fine

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@dmcassel dmcassel

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@grtjn @dmcassel @hutchkintoot @silviarausanu @istvannagy