[Ovirt-devel] [patch] oVirt Test Fixes

Mohammed Morsi mmorsi at redhat.com
Thu Aug 14 19:20:50 UTC 2008 

Steve Linabery wrote:
> On Thu, Aug 14, 2008 at 02:21:35PM -0400, Mohammed Morsi wrote:
>   
>> Steve Linabery wrote:
>>     
>>> On Wed, Aug 13, 2008 at 06:15:04PM -0400, Mohammed Morsi wrote:
>>>   
>>>       
>>>> Attached is a patch fixing a few things with the build system. Namely 
>>>>  changes in autobuild.sh so that it works with the new changes made 
>>>> for  the selenium integration, and changes to the vm controller, vm   
>>>> controller test, and permission fixture due to problems caused by 
>>>> recent  changes.
>>>>
>>>>  -Mo
>>>>     
>>>>         
>>>   
>>>       
>>>> >From 73b27d4e104b0b23eccefbe50c710c7e0975407c Mon Sep 17 00:00:00 2001
>>>> From: Mohammed Morsi <mmorsi at redhat.com>
>>>> Date: Wed, 13 Aug 2008 18:08:01 -0400
>>>> Subject: [PATCH] fixes to autobuild and tests due to recent changes
>>>>
>>>> ---
>>>>  autobuild.sh                                  |    5 +-
>>>>  wui/src/app/controllers/vm_controller.rb      |    3 +-
>>>>  wui/src/test/fixtures/permissions.yml         |  100 ++++++++++++++++++++++++-
>>>>  wui/src/test/functional/vm_controller_test.rb |    4 +-
>>>>  4 files changed, 105 insertions(+), 7 deletions(-)
>>>>
>>>> diff --git a/autobuild.sh b/autobuild.sh
>>>> index b565404..cb27221 100755
>>>> --- a/autobuild.sh
>>>> +++ b/autobuild.sh
>>>> @@ -77,10 +77,11 @@ fi
>>>>  $ssh_cmd \
>>>>    "sed -i -e \"s/KrbMethodNegotiate on/KrbMethodNegotiate off/g\" \
>>>>            -e \"s/KrbMethodK5Passwd off/KrbMethodK5Passwd on/g\" \
>>>> -          /etc/httpd/conf.d/ovirt-wui.conf"
>>>> +          /etc/httpd/conf.d/ovirt-wui.conf && \
>>>> +   service httpd restart"
>>>>   echo "Running the wui tests"
>>>>  $ssh_cmd \
>>>> -    "curl -i --negotiate -u : management.priv.ovirt.org/ovirt/ | \
>>>> +    "curl -i http://admin:ovirt@management.priv.ovirt.org/ovirt/ | \
>>>>     
>>>>         
>>> This doesn't work. You'll just get a 302 redirect to http://management.priv.ovirt.org/ovirt/login/login.
>>>   
>>>       
>> I'm not fully sure I see why its not working. If I understand our new  
>> auth setup correctly, apache is still using kerberos to authenticate the  
>> user via the ticket / negotiation method, and falling back to kerberos  
>> basic auth if it can't. So long as the username:pass is getting to the  
>> server, eg there isn't a rewrite (which I removed with my last patch),  
>> apache should accept and authenticate the user with the credentials.  
>>     
>
> That's not how it works.
>
> All requests except those to /ovirt/login* are going directly to Rails, without any kerberos authentication.
>   
Ah, now I understand. Actually this may make things simpler, because if 
we are hitting the rails application before kerberos, we have no need to 
use kerberos at all in the test suite. Rather in application.rb we have 
a check to see if the application is in production mode, and if not then 
just set the user to "ovirtadmin" (which I'm hoping will currently work 
with the session and everything else, else we have to add some 
additional code to set that up). Previously we had to muck around with 
the credentials in the url due to the request hitting apache / kerberos 
before rails. So I suppose the only remaining issue would be to get 
rails into the test environment but I can easily do that via sed in 
autobuild.sh. Once you get your stuff in, I'll try changing autobuild 
and interface_test to remove the credentials and see if it works.

   -Mo

More information about the ovirt-devel mailing list