Description: It is impossible to publish documents to a MediaWiki with the provided extension if the Wiki uses Basic Authentication instead of the Wiki logon screen. Basic Authentication is officially supported by MedIaWiki, so the extension should be able to handle it. It fails as early as adding the URL to the server list. Tested on Linux and Windows. Both behave the same (the JAR file of the extension is the same anyways). Steps to Reproduce: 1. Configure a MediaWiki that uses Basic Authentication a. Requires wfLoadExtension( 'Auth_remoteuser' ); in LocalSettings.php b. Requires matching Apache Config 2. Add the Wiki to the MediaWiki Publisher Extension 3. Even adding the URL will fail. The server log will show it responded with 401 (as it should be) Actual Results: Adding the URL to the MediWiki fails. Posting articles if of course also impossible then. Expected Results: The extension detects the Basic Authentication and uses it instead of the Wiki logon screen. Reproducible: Always User Profile Reset: No Additional Info: It is possible to patch the extension to always include the Basic Auth header by adding String basicAuth = Base64.getEncoder().encodeToString((sWikiUser+":"+sWikiPass).getBytes(StandardCharsets.UTF_8)); connGet.setRequestProperty("Authorization", "Basic " + basicAuth); Note that the User/Password variable names are different depending on the part of the change. This is of course just an ugly hack to prove it is working and actually a very bad idea to always send user and password even on plain text connections, so please do not use this in a productive environment. User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0
Created attachment 137648 [details] Extremely ugly POC patch - do NOT use!!! With this patch it is possible to access a MediWiki which uses Basic Auth and post an article. Even though the article is posted, the extension still displays an error message. It seems that the extension tries to read the newly created article but does not use the Basic Auth header this time (and also ignored the set user agent) xxx - sen [09/Nov/2017:18:32:14 +0100] "POST /index.php?title=Test&action=submit HTTP/1.1" 302 1229 "-" "LibreOffice Wiki Publisher 1.2.1" xxx - - [09/Nov/2017:18:32:14 +0100] "GET /Test HTTP/1.1" 401 1120 "-" "Java/1.8.0_144" Note that I changed the Special Page from logon to ListUsers as a MediaWiki using Basic Auth does not provide this page. Also just an ugly hack.
Hello Sven Neuz, Still working on this issue? Would you mind submitting a patch to gerrit for review? More info: https://wiki.documentfoundation.org/Development/gerrit/SubmitPatch
Actually I don't work on this issue, I just reported it. I created this really ugly POC patch to see if it works at all. Of course I can submit it but it *should not be used* as it will break the "normal" login and does have a terrible coding style.
A new major release of LibreOffice is available since this bug was reported. Could you please try to reproduce it with the latest version of LibreOffice from https://www.libreoffice.org/download/libreoffice-fresh/ ? I have set the bug's status to 'NEEDINFO'. Please change it back to 'UNCONFIRMED' if the bug is still present in the latest version.
Still the same issue in 6.1.0.3.
Dennis: IMHO, it's more a new feature than a bug. Anyway, I can't help here.
(In reply to Sven Neuz (SERPENTEQ) from comment #5) > Still the same issue in 6.1.0.3. Is this issue still reproducible with the latest version of LibreOffice from https://www.libreoffice.org/download/libreoffice-fresh/ ? I have set the bug's status to 'NEEDINFO'. Please change it back to 'UNCONFIRMED' if the bug is still present in the latest version.
I'm not sure, but isn't something like https://Aladdin:OpenSesame@www.example.com/index.html working?
Dear Sven Neuz (SERPENTEQ), This bug has been in NEEDINFO status with no change for at least 6 months. Please provide the requested information as soon as possible and mark the bug as UNCONFIRMED. Due to regular bug tracker maintenance, if the bug is still in NEEDINFO status with no change in 30 days the QA team will close the bug as INSUFFICIENTDATA due to lack of needed information. For more information about our NEEDINFO policy please read the wiki located here: https://wiki.documentfoundation.org/QA/Bugzilla/Fields/Status/NEEDINFO If you have already provided the requested information, please mark the bug as UNCONFIRMED so that the QA team knows that the bug is ready to be confirmed. Thank you for helping us make LibreOffice even better for everyone! Warm Regards, QA Team MassPing-NeedInfo-Ping
Dear Sven Neuz (SERPENTEQ), Please read this message in its entirety before proceeding. Your bug report is being closed as INSUFFICIENTDATA due to inactivity and a lack of information which is needed in order to accurately reproduce and confirm the problem. We encourage you to retest your bug against the latest release. If the issue is still present in the latest stable release, we need the following information (please ignore any that you've already provided): a) Provide details of your system including your operating system and the latest version of LibreOffice that you have confirmed the bug to be present b) Provide easy to reproduce steps – the simpler the better c) Provide any test case(s) which will help us confirm the problem d) Provide screenshots of the problem if you think it might help e) Read all comments and provide any requested information Once all of this is done, please set the bug back to UNCONFIRMED and we will attempt to reproduce the issue. Please do not: a) respond via email b) update the version field in the bug or any of the other details on the top section of our bug tracker Warm Regards, QA Team MassPing-NeedInfo-FollowUp