http authentication
Having trouble installing Oxygen? Got a bug to report? Post it all here.
-
bkc
http authentication
Post by bkc »
I need to transform an .xml document loaded via http, using the document stylesheet pi. That pi references a .xsl file that loads more .xml files and imports other .xsl files from the same http server.
The http server requires authentication (basic auth). I can't see any way to specify the userid and password to be used when downloading (anything) from the server. So, when I open via http the source .xml file and specify the userid and password, the download works. WHen I try the transform, it fails because every referenced file gets a login page from the server instead of the actual file.
What I want is for oxgyen to always provide basic auth information, even if it doesn't get an http unauth server response. Is there any way to do that?
Another option would be to resubmit cookies cached from currently open documents loaded from the same server.
I tried hand-opening every referenced file via url, hoping that a subsequent transform operation would notice that the system ids are already open and use them, but the transform doesn't do that (well I can understand why that doesn't work, but worth a shot).
Any suggestions?
The http server requires authentication (basic auth). I can't see any way to specify the userid and password to be used when downloading (anything) from the server. So, when I open via http the source .xml file and specify the userid and password, the download works. WHen I try the transform, it fails because every referenced file gets a login page from the server instead of the actual file.
What I want is for oxgyen to always provide basic auth information, even if it doesn't get an http unauth server response. Is there any way to do that?
Another option would be to resubmit cookies cached from currently open documents loaded from the same server.
I tried hand-opening every referenced file via url, hoping that a subsequent transform operation would notice that the system ids are already open and use them, but the transform doesn't do that (well I can understand why that doesn't work, but worth a shot).
Any suggestions?
Hello,
I have tried applying XSLT on documents with entities and imported stylesheets using a webdav server and it worked. If the URL did not specified the user and password, the authentication window was displayed. Have you opened the documents in InternetExplorer?
As a workaround you can try specifing in the transformation scenario the full URL containing the user and the password.
Eg:
http://user_name:password@server.com/some/file.xml
Regards,
Dan
I have tried applying XSLT on documents with entities and imported stylesheets using a webdav server and it worked. If the URL did not specified the user and password, the authentication window was displayed. Have you opened the documents in InternetExplorer?
As a workaround you can try specifing in the transformation scenario the full URL containing the user and the password.
Eg:
http://user_name:password@server.com/some/file.xml
Regards,
Dan
global variables in debugger don't seem work
If I choose File / Open URL, I cannot put in a url in like this:
> http://user_name:password@server.com/some/file.xml
It says "you must select or type a filename"
If I put in my userid and password in the dialog and drill down the http 'tree', I can open the file I want to work with. However it still doesn't seem to remember my userid and password during the transform, so the referenced stylesheet (via PI) doesn't get loaded properly because the web server puts up a login form instead of the real document because the basic auth params are not sent.
I also tried saving the source xml to a local file, then editing the stylesheet PI and putting in http://userid:password@ form in that url, but that didn't work either. Well, I should say that it worked in opening the top level stylesheet from the .xml file, but everything that top-level .xsl file tried to reference failed to work, because the userid and password are not proprogated.
--
Another problem. I turned off authentication to temporarily test this, and I note that when stepping through in the debugger, top level variables are not properly initialized.
Example. Input XML file has <Root><User manager="1"> ..
It references stylesheet 'a.xsl', and, 'a.xsl' imports 'master.xsl'
'master.xsl' has a global scope <xsl:variable name="manager" select="/Root/user/@manager" />
This variable works correctly when using libxml, or firefox, etc. But in the oxygenxml debugger, stepping through the document, the variable 'manager' is shown as null, so I cannot debug my stylesheet.
It seems that the debugger fails to properly initialize globals in imported stylesheets.
I also tried "run to cursor" so as to not single step through the variable assignment. That didn't work either.
However using xwatch I am able to type in /Root/User/@manager and it produces a fragment that I expect to see.
> http://user_name:password@server.com/some/file.xml
It says "you must select or type a filename"
If I put in my userid and password in the dialog and drill down the http 'tree', I can open the file I want to work with. However it still doesn't seem to remember my userid and password during the transform, so the referenced stylesheet (via PI) doesn't get loaded properly because the web server puts up a login form instead of the real document because the basic auth params are not sent.
I also tried saving the source xml to a local file, then editing the stylesheet PI and putting in http://userid:password@ form in that url, but that didn't work either. Well, I should say that it worked in opening the top level stylesheet from the .xml file, but everything that top-level .xsl file tried to reference failed to work, because the userid and password are not proprogated.
--
Another problem. I turned off authentication to temporarily test this, and I note that when stepping through in the debugger, top level variables are not properly initialized.
Example. Input XML file has <Root><User manager="1"> ..
It references stylesheet 'a.xsl', and, 'a.xsl' imports 'master.xsl'
'master.xsl' has a global scope <xsl:variable name="manager" select="/Root/user/@manager" />
This variable works correctly when using libxml, or firefox, etc. But in the oxygenxml debugger, stepping through the document, the variable 'manager' is shown as null, so I cannot debug my stylesheet.
It seems that the debugger fails to properly initialize globals in imported stylesheets.
I also tried "run to cursor" so as to not single step through the variable assignment. That didn't work either.
However using xwatch I am able to type in /Root/User/@manager and it produces a fragment that I expect to see.
About the http authentication, this is what i tested:
1. Opened successfuly the remote file in the editor:
http://test:xxx@devel.sync.ro/webdav/personal.xml
2. The document used a DTD and a stylesheet:
Right clicking the DTD or stylesheet and choosing "Open file at cursor" opens them in the editor with no problem.
3. The stylesheet style1.xsl imported other stylesheet style2.xsl:
I have opened style2 from clicking the import and choosing "Open file at cursor" in style1:
4. I have created a scenario based on the xml-stylesheet PI and changed the output to a local file. Transformation was succesfull.
There may be differences between our servers.
I use apache 1.3.29 + moddav 1.0.3. What is your configuration? Do you use Oxygen 5.0? What OS?
The .htaccess for my webdav file is:
Let me know what are your server settings and some code snippets from the stylesheets and XML file so I can test them again.
1. Opened successfuly the remote file in the editor:
http://test:xxx@devel.sync.ro/webdav/personal.xml
This message should not appear. Do you have spaces in the name of your file?If I choose File / Open URL, I cannot put in a url in like this:
> http://user_name:password@server.com/some/file.xml
It says "you must select or type a filename"
2. The document used a DTD and a stylesheet:
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="xml/xslt" href="style1.xsl"?>
<!DOCTYPE personnel SYSTEM "personal.dtd">
<personnel >
<person id="Big.Boss">
<name>
......
3. The stylesheet style1.xsl imported other stylesheet style2.xsl:
I have opened style2 from clicking the import and choosing "Open file at cursor" in style1:
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:import href="style2.xsl"/>
</xsl:stylesheet>
There may be differences between our servers.
I use apache 1.3.29 + moddav 1.0.3. What is your configuration? Do you use Oxygen 5.0? What OS?
The .htaccess for my webdav file is:
Code: Select all
AuthUserFile /www/webdav/.htpasswd
AuthGroupFile /dev/null
AuthName "Authorized WEBDAV users only please :)"
AuthType Basic
<Limit POST GET PUT DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
require user test
</Limit>
-
stefan
Post by stefan »
The debugger problem: there is nothing wrong with import stylesheets.
Some implementations of XSLT (such as Xalan) use lazy evaluation for variables, that is the $manager variable is not evaluated until is actually used in the stylesheet.
This is the reason you see the value shown as null, until it is first time used.
Please try Saxon 6_5_3 to see a different approch.
Some implementations of XSLT (such as Xalan) use lazy evaluation for variables, that is the $manager variable is not evaluated until is actually used in the stylesheet.
This is the reason you see the value shown as null, until it is first time used.
Please try Saxon 6_5_3 to see a different approch.
It says "you must select or type a filename"
> This message should not appear. Do you have spaces in the name of
> your file?
No. it seems that the dialog is offering a "file url" at the top (which I tried) and a directory input box with browse button to the right. I also tried putting the full url in there as well. Either way, I get the same response.
The only way I could actually get my file to open was to specify a URL that did not include the final filename portion, than select that from the tree view shown below the directory browse section.
> There may be differences between our servers.
> I use apache 1.3.29 + moddav 1.0.3. What is your configuration?
> Do you use Oxygen 5.0? What OS?
It is oxygen 5.0 (trial license) on win2K sp4
The server is Zope. It's using "cookie crumbler".
I mentioned it previously, but perhaps haven't amplified the issue enough. If a basic auth header is not included in the http request, and the 'authenticated cookie' is also not sent, than Zope returns an HTML login form. It does not return an http un-auth error code.
What I need is a way to ALWAYS send the basic auth information for every HTTP request sent to a particular server, including direct file opens (which work) or imports during a transform (which seems not to work in my case).
I suspect that if my server returned an http un-auth error code, than the "right thing" would happen during the transform as well.
Perhaps this is a feature request, not a bug report? I'd like an option that says "cache userid/password for this 'server' and always offer it on any subsequent request".
As it stands now, I have to temporarily disable authentication in my server to get this to work. I'd like to avoid that in the future.
> This message should not appear. Do you have spaces in the name of
> your file?
No. it seems that the dialog is offering a "file url" at the top (which I tried) and a directory input box with browse button to the right. I also tried putting the full url in there as well. Either way, I get the same response.
The only way I could actually get my file to open was to specify a URL that did not include the final filename portion, than select that from the tree view shown below the directory browse section.
> There may be differences between our servers.
> I use apache 1.3.29 + moddav 1.0.3. What is your configuration?
> Do you use Oxygen 5.0? What OS?
It is oxygen 5.0 (trial license) on win2K sp4
The server is Zope. It's using "cookie crumbler".
I mentioned it previously, but perhaps haven't amplified the issue enough. If a basic auth header is not included in the http request, and the 'authenticated cookie' is also not sent, than Zope returns an HTML login form. It does not return an http un-auth error code.
What I need is a way to ALWAYS send the basic auth information for every HTTP request sent to a particular server, including direct file opens (which work) or imports during a transform (which seems not to work in my case).
I suspect that if my server returned an http un-auth error code, than the "right thing" would happen during the transform as well.
Perhaps this is a feature request, not a bug report? I'd like an option that says "cache userid/password for this 'server' and always offer it on any subsequent request".
As it stands now, I have to temporarily disable authentication in my server to get this to work. I'd like to avoid that in the future.
Yes, this is a problem, because the Zope server does not respect the http spec for authentication. We are always forcing the HTTP implementation to use preemtive basic authentication, so I am not sure we can fix this. I have used a TCP-dump utility to check this is happening. The first GET request is indeed sending the Authorisation field.If a basic auth header is not included in the http request, and the 'authenticated cookie' is also not sent, than Zope returns an HTML login form. It does not return an http un-auth error code.
Cheers,
Dan
-
TimWallace
- Posts: 10
- Joined: Thu Nov 17, 2011 10:49 pm
Jump to
- Oxygen XML Editor/Author/Developer
- ↳ Feature Request
- ↳ Common Problems
- ↳ DITA (Editing and Publishing DITA Content)
- ↳ SDK-API, Frameworks - Document Types
- ↳ DocBook
- ↳ TEI
- ↳ XHTML
- ↳ Other Issues
- Oxygen XML Web Author
- ↳ Feature Request
- ↳ Common Problems
- Oxygen Content Fusion
- ↳ Feature Request
- ↳ Common Problems
- Oxygen JSON Editor
- ↳ Feature Request
- ↳ Common Problems
- Oxygen PDF Chemistry
- ↳ Feature Request
- ↳ Common Problems
- Oxygen Feedback
- ↳ Feature Request
- ↳ Common Problems
- Oxygen XML WebHelp
- ↳ Feature Request
- ↳ Common Problems
- XML
- ↳ General XML Questions
- ↳ XSLT and FOP
- ↳ XML Schemas
- ↳ XQuery
- NVDL
- ↳ General NVDL Issues
- ↳ oNVDL Related Issues
- XML Services Market
- ↳ Offer a Service