[ckan-dev] ckanext-security in CKAN 2.7.2

Wed Oct 11 11:42:15 UTC 2017

Hi,

Sorry to jump on this. I just wanted to clarify that AFAIK there are no
features from ckanext-security ported to 2.7 yet, just because the tech
team doesn't have capacity right now.
It would be great to have them of course, and pretty straight-forward, so
we are more than happy to provide guidance on submitting pull requests. All
details are here:

https://github.com/data-govt-nz/ckanext-security/issues/2

I had a quick glance at the code and didn't see any major blockers for 2.7
compatibility so I suspect it should work fine but of course it needs to be
properly tested.

Best,

Adrià

On 10 October 2017 at 22:28, Cam Findlay <cam at camfindlay.com> wrote:

> Might be worth mentioning that some features in this extension were rolled
> directly into 2.7.x release and so this module as it stand might only be
> valid for 2.6.x CKAN installs (however perhaps some pull requests to make
> it 2.7.x compatible might make sense dropping out those features now
> natively in 2.7.x core?). May have to look in the issues on github for that
> extension to find the parts that have been added to core.
>
> Cheers,
>
> Cam.
>
>
> On 10 October 2017 at 23:26, <lucia.espona at wsl.ch> wrote:
>
>> Hi Karen
>>
>> I had different values for the properties you mention so I set them now
>> to:
>>
>> [...]
>> beaker.session.url = 127.0.0.1:11211
>> beaker.session.cookie_domain = 127.0.0.1
>> [...]
>> ckan.site_url = http://127.0.0.1:5000
>> [...]
>> ckanext.security.memcached = 127.0.0.1:11211
>> ckanext.security.domain = 127.0.0.1
>> [...]
>>
>> ..but the problem persists and I cannot log in.
>>
>> I don't get any exception or error in the logs, furthermore the
>> ckan.lib.authenticator.UsernamePasswordAuthenticator.authenticate()
>> method succeeds. If I write a wrong password I can see the error in the
>> logs from this method so the authentication should actually be ok but I
>> cannotlogin.
>>
>> Thanks a lot anyway for your advice.
>>
>> Best,
>> Lucia
>>
>> _________________________________________________________
>> Dr. Lucia Espona Pernas
>>
>> Swiss Federal Institute for Forest, Snow and Landscape Research WSL
>> Hauptgebäaude Labortrakt (HL C21)
>> Zürcherstrasse 111
>> 8903 Birmensdorf
>> Switzerland
>>
>> +41 44 739 28 71 <+41%2044%20739%2028%2071> phone direct
>> +41 44 739 21 11 <+41%2044%20739%2021%2011> reception
>>
>> www.wsl.ch
>>
>> -----"ckan-dev" <ckan-dev-bounces at lists.okfn.org> wrote: -----
>> To: CKAN Development Discussions <ckan-dev at lists.okfn.org>
>> From: Karen Turner
>> Sent by: "ckan-dev"
>> Date: 10.10.2017 11:59
>> Subject: Re: [ckan-dev] ckanext-security in CKAN 2.7.2
>>
>>
>> Hi
>>
>> On 10/10/2017, at 9:33 PM, lucia.espona at wsl.ch wrote:
>>
>> Dear all
>>
>> I am testing ckanext-security (https://github.com/data-govt-
>> nz/ckanext-security) with my local CKAN 2.7.2 development instance.
>>
>>
>> I haven’t tested with CKAN 2.7 but with CKAN 2.6 I did come across this
>> error when my
>> ckan.site_url and beaker.session.cookie_domain did not match.
>>
>> In my case I had set one to be an ip address and the other to be the host
>> name. So pages would display ok but it would fail the login.
>>
>> Second and more critical, even if I "bypass" the previous error, I cannot
>> log in with any user. Password reset seems to work fine but I get always
>> the "Login failed. Bad username or password" error. I am trying to
>> troubleshoot this but there is no failure message, I pasted below a piece
>> of the log output. The only hint I see is the "INFO  [repoze.who] no
>> identities found, not authenticating".
>>
>> If anyone has an idea of what's going on I would be grateful for any
>> advice.
>>
>> Best,
>> Lucia
>>
>>
>> ----
>> Karen Turner
>> Catalyst IT
>> w: http://catalyst.net.nz
>> p: +64 4  803 2375 <+64%204-803%202375>
>>
>> _______________________________________________
>> ckan-dev mailing list
>> ckan-dev at lists.okfn.org
>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>>
>> _______________________________________________
>> ckan-dev mailing list
>> ckan-dev at lists.okfn.org
>> https://lists.okfn.org/mailman/listinfo/ckan-dev
>> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>>
>>
>
> _______________________________________________
> ckan-dev mailing list
> ckan-dev at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/ckan-dev
> Unsubscribe: https://lists.okfn.org/mailman/options/ckan-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/ckan-dev/attachments/20171011/6e05d8c7/attachment-0003.html>