Page MenuHomeSoftware Heritage

varnish: specify the authentication type in case of 401
ClosedPublic

Authored by vsellier on Nov 19 2021, 2:13 PM.

Details

Summary

so the browsers will display the authentication box

Related to T3621

Test Plan
  • moma:
I, [2021-11-19T14:11:39.933305 #984025]  INFO -- : Diffs computed for moma.softwareheritage.org
diff origin/production/moma.softwareheritage.org current/moma.softwareheritage.org
*******************************************
  File[/etc/varnish/includes/50_vhost_archive.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -33,2 +33,17 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)base\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)archive\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)archive\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  File[/etc/varnish/includes/50_vhost_deposit.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -31,2 +31,16 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)deposit\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)deposit\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  File[/etc/varnish/includes/50_vhost_objstorage.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -37,2 +37,16 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)objstorage\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)objstorage\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  Profile::Varnish::Vcl_include[vhost_archive.softwareheritage.org] =>
   parameters =>
     content =>
      @@ -33,2 +33,17 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)base\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)archive\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)archive\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  Profile::Varnish::Vcl_include[vhost_deposit.softwareheritage.org] =>
   parameters =>
     content =>
      @@ -31,2 +31,16 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)deposit\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)deposit\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  Profile::Varnish::Vcl_include[vhost_objstorage.softwareheritage.org] =>
   parameters =>
     content =>
      @@ -37,2 +37,16 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)objstorage\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)objstorage\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  Varnish::Vcl[/etc/varnish/includes/50_vhost_archive.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -33,2 +33,17 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)base\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)archive\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)archive\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  Varnish::Vcl[/etc/varnish/includes/50_vhost_deposit.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -31,2 +31,16 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)deposit\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)deposit\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
  Varnish::Vcl[/etc/varnish/includes/50_vhost_objstorage.softwareheritage.org.vcl] =>
   parameters =>
     content =>
      @@ -37,2 +37,16 @@
           }
       }
      +
      +sub vcl_synth {
      +    if (
      +        req.http.host ~ "^(?i)objstorage\.internal\.softwareheritage\.org(:[0-9]+)?$" ||
      +        req.http.host ~ "^(?i)objstorage\.softwareheritage\.org(:[0-9]+)?$"
      +    ) {
      +        if (resp.status == 401) {
      +            set resp.status = 401;
      +            set resp.http.WWW-Authenticate = "Basic";
      +            return(deliver);
      +        }
      +    }
      +}
      +
*******************************************
*** End octocatalog-diff on moma.softwareheritage.org
http  --verify=no  https://objstorage.staging.swh.network/                             14:08:52
HTTP/1.1 401 Unauthorized
Connection: keep-alive
Content-Length: 0
Date: Fri, 19 Nov 2021 13:09:01 GMT
Server: Varnish
WWW-Authenticate: Basic  <--------------- the correct header is added
X-Varnish: 32773

Diff Detail

Repository
rSPSITE puppet-swh-site
Branch
staging
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 25085
Build 39195: arc lint + arc unit

Event Timeline

vsellier created this revision.
olasd added inline comments.
site-modules/profile/templates/varnish/vhost.vcl.erb
78

I suspect that this line isn't needed :-)

This revision is now accepted and ready to land.Nov 19 2021, 2:19 PM

remove useless response code update

site-modules/profile/templates/varnish/vhost.vcl.erb
78

indeed, thanks