Sorry...My setting is error....

PythonOption WebCert /root/genca/certs/kojiweb.pem -> PythonOption WebCert /root/genca/kojiweb.pem

but...another messages is feeback..

Mod_python error: "PythonHandler mod_python.publisher"


Traceback (most recent call last):

File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch
result = object(req)

File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 213, in handler

published = publish_object(req, object)

File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 412, in publish_object
return publish_object(req,util.apply_fs_data(object, req.form, req=req))


File "/usr/lib/python2.4/site-packages/mod_python/util.py", line 439, in apply_fs_data
return object(**args)

File "/usr/share/koji-web/scripts/index.py", line 144, in login
if not _sslLogin(req, session, username):


File "/usr/share/koji-web/scripts/index.py", line 56, in _sslLogin
proxyuser=username)

File "__init__.py", line 1233, in ssl_login

File "__init__.py", line 1278, in callMethod


File "__init__.py", line 1304, in _callMethod

AuthError: /C=TW/ST=Taiwan/O=OSSII/CN=web.ossii.com.tw/emailAddress=kevin.lin@ossii.com.tw is not authorized to login other users




2008/7/18 Linul <kevin.linul@gmail.com>:

Hi..

I have already setup my koji-cli� kojid�koji-hub�koji-web�kojira, and test ok,but still have a problem,it is web UI login

I have already import the cert. when I login the Web UI, the messages is：


Mod_python error: "PythonHandler mod_python.publisher"

Traceback (most recent call last):

File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch


result = object(req)

File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 213, in handler
published = publish_object(req, object)

File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 412, in publish_object


return publish_object(req,util.apply_fs_data(object, req.form, req=req))

File "/usr/lib/python2.4/site-packages/mod_python/util.py", line 439, in apply_fs_data
return object(**args)

File "/usr/share/koji-web/scripts/index.py", line 144, in login


if not _sslLogin(req, session, username):

File "/usr/share/koji-web/scripts/index.py", line 56, in _sslLogin
proxyuser=username)

File "__init__.py", line 1232, in ssl_login



File "XMLRPCServerProxy.py", line 74, in __init__

File "SSLCommon.py", line 38, in CreateSSLContext

StandardError: /root/genca/certs/kojiweb.pem does not exist or is not readable


My kojiweb.conf：

Â*Â*Â* PythonDebug On
Â*Â*Â* PythonOption KojiHubURL http://koji.ossii.com.tw/kojihub
Â*Â*Â* PythonOption KojiWebURL http://koji.ossii.com.tw/koji


Â*Â*Â* PythonOption KojiPackagesURL http://koji.ossii.com.tw/koji/packages
Â*Â*Â* #PythonOption WebPrincipal koji/kevin.lin@ossii.com.tw


Â*Â*Â* #PythonOption WebKeytab /etc/httpd.keytab
Â*Â*Â* #PythonOption WebCCache /var/tmp/kojiweb.ccache
Â*Â*Â* PythonOption WebCert /root/genca/certs/kojiweb.pem
Â*Â*Â* PythonOption ClientCA /root/genca/koji_ca_cert.crt

Â*Â*Â* PythonOption KojiHubCA /root/genca/koji_ca_cert.crt


My web user is "admin", and have a record in postgresql, also can user koji instruction as normal.

and I create the web cert step is：

openssl pkcs12 -export -inkey certs/admin.key -in certs/admin.crt -CAfile koji_ca_cert.crt


-out certs/admin_browser_cert.p12

thanks..

--
================================================== ===========================
林毓能
Linul
RedHat Certified Engineer

TsLG網路工作室：http://www.tslg.idv.tw


TsLG城市�後：http://blog.tslg.idv.tw
Linul�影紀實：http://photo.tslg.idv.tw
手機：0939797462
E-mail : kevin.linul@gmail.com; linul@tslg.idv.tw


================================================== ===========================



--
================================================== ===========================
林毓能
Linul
RedHat Certified Engineer

TsLG網路工作室：http://www.tslg.idv.tw

TsLG城市�後：http://blog.tslg.idv.tw
Linul�影紀實：http://photo.tslg.idv.tw
手機：0939797462
E-mail : kevin.linul@gmail.com; linul@tslg.idv.tw

================================================== ===========================

--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list

On Thursday 17 July 2008, Linul wrote:
> Hi..
>
> I have already setup my koji-cli� kojid�koji-hub�koji-web�kojira, and test
> ok,but still have a problem,it is web UI login
>
> I have already import the cert. when I login the Web UI, the messages is：
>

> StandardError: /root/genca/certs/kojiweb.pem does not exist or is not
> readable
apache runs as user apache it cant read files in roots ~ you need to make
sure the webserver can read the certs. I'm betting an authenticated cli
command will fail exactly the same way. most cli tasks are unauthenticated.


--
Dennis Gilmore


--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list

On Thursday 17 July 2008, Linul wrote:
> Sorry...My setting is error....

>
> AuthError:
> /C=TW/ST=Taiwan/O=OSSII/CN=web.ossii.com.tw/emailAddress=kevin.lin@ossii.co
>m.tw is not authorized to login other users
you need to set
PythonOption ProxyDNs
"/C=TW/ST=Taiwan/O=OSSII/CN=web.ossii.com.tw/emailAddress=kevin.lin@ossii.com.tw"
in /etc/httpd/conf.d/kojihub.conf

--
Dennis Gilmore

--
Fedora-buildsys-list mailing list
Fedora-buildsys-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list