【发布时间】:2016-07-19 17:35:03
【问题描述】:
操作系统 - Ubuntu 14.04.3 LTC
安装了git、Tomcat7、mysql、apache2。
我将 tomcat7 配置为支持 SSL: 服务器.xml
<Connector port="4432" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="some_path"
keystorePass="some_pass" />
并使用了mysql数据库: 上下文.xml
<Resource name="jdbc/ReviewDb"
auth="Container"
type="javax.sql.DataSource"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/gerrit_reviewdb"
username="gerrit"
password="gerrit"
maxActive="20"
maxIdle="10"
maxWait="-1"/>
我在 tomcat7 上部署了 gerrit,类型为 auth development_become_any_account。
接下来我在文件夹 /etc/apache2/sites-available 中创建了文件 gerrit_auth.conf
Listen 82
<VirtualHost *:82>
ServerName localhost
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
AllowEncodedSlashes On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gerrit/login/>
AuthType Basic
AuthName "Gerrit Code Review2"
AuthBasicProvider file
AuthUserFile /var/opt/gerrit/users/passwords
Require valid-user
</Location>
ProxyPass /gerrit/ https://localhost:4432/gerrit/ nocanon
ErrorLog /var/opt/gerrit/apache_errorlog.log
CustomLog /var/opt/gerrit/apache_customlog.log combined
</VirtualHost>
并在 gerrit.config 中将身份验证类型更改为 http
[gerrit]
basePath = /var/opt/gerrit/repositories
canonicalWebUrl = https://my_gerrit_site:4432/gerrit
[database]
type = mysql
database = gerrit_reviewdb
hostname = localhost
username = gerrit
[index]
type = LUCENE
[auth]
type = http
[receive]
enableSignedPush = false
[sendemail]
smtpServer = localhost
[container]
user = tomcat7
javaHome = /usr/lib/jvm/jdk1.7.0_79/jre
[sshd]
listenAddress = *:29418
[httpd]
listenUrl = proxy-http://localhost:82/
[cache]
directory = cache
并重新启动服务 apache2 和 tomcat7。 现在,当我转到 https://my_gerrit_site:4432/ 时,我看到了 tomcat7
有效!
当我去 https://my_gerrit_site:4432/gerrit 我看到了
配置错误
检查 HTTP 服务器的身份验证设置。
HTTP 服务器未在授权中提供用户名 将请求转发给 Gerrit Code Review 时的标头。
如果 HTTP 服务器是 Apache HTTPd,请检查代理配置 包括具有适当位置的授权指令,确保 它以'/'结尾:
服务器名称 my_gerrit_site
ProxyRequests Off ProxyVia Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> <Location /gerrit/login/> AuthType Basic AuthName "Gerrit Code Review" Require valid-user ... </Location> AllowEncodedSlashes On ProxyPass /gerrit/ http://.../gerrit/ nodecode </VirtualHost>
当我访问 http://my_gerrit_site:82/ 时,我看到了
/的索引
Apache/2.4.7 (Ubuntu) 服务器位于 my_gerrit_site 端口 82
当我访问 http://my_gerrit_site:82/gerrit/login/ 时,我看到了 带有身份验证的窗口,当我登录时,我看到了
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
Apache/2.4.7 (Ubuntu) Server at my_gerrit_site Port 82
apache_errorlog.log
[Tue Jul 19 20:18:39.067497 2016] [proxy:warn] [pid 6382:tid 140713740175104] [client x.x.x.x:27949] AH01144: No protocol handler was valid for the URL /gerrit/login/. If you are using a DSO version of mod_proxy, make sure the proxy submodules are included in the configuration using LoadModule.
catalina.out
[2016-07-19 20:18:18,855] [http-bio-4432-exec-6] ERROR com.google.gerrit.httpd.auth.container.HttpLoginServlet : Unable to authenticate user by Authorization request header. Check container or server configuration.
我做错了什么?我需要更改哪些设置?
谢谢
【问题讨论】:
-
你为什么使用Tomcat?是必需的吗?最好让gerrit自己工作。
-
是的,我使用tomcat是因为它是必需的
标签: apache2 tomcat7 gerrit http-authentication