set up gerrit with http authentication

Question

I am trying to configure gerrit with http baisc authentication , my httpd config is

<VirtualHost *:8081>
    ServerName localhost

    ProxyRequests Off
    ProxyVia Off
    ProxyPreserveHost On

    <Proxy *>
          Order deny,allow
          Allow from all
    </Proxy>

<Location "/login/">
AuthType Basic
AuthName "Gerrit Code Review"
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
Require valid-user
</Location>
ProxyPass / http://localhost:8081/
</VirtualHost>

and my gerrit.config is

[gerrit]
        basePath = git
        canonicalWebUrl = http://localhost:8081/
[database]
        type = mysql
        hostname = localhost
        database = reviewdb
        username = gerrit
[auth]
        type = HTTP
[sendemail]
        smtpServer = localhost
        smtpUser = gerrit
[container]
        user = gerrit
        javaHome = /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre
[sshd]
        listenAddress = *:29418
[httpd]
        listenUrl = proxy-http://*:8081/
[cache]
        directory = cache

i am not sure where am i going wrong but the accessing http://x.x.x.x:8081 says

The HTTP server did not provide the username in the Authorization header when it forwarded the request to Gerrit Code Review.

If the HTTP server is Apache HTTPd, check the proxy configuration includes an authorization directive with the proper location, ensuring it ends with '/': 

my gerrit runs on the inbuild jetty countainer and my OS is centos 6.4

where am i going wrong.?

Answer 1

Okay. Actually I was creating a virtual host on port 8081 and my Jetty (that comes along with gerrit) was also listening to the same port,my configuration remained almost the same but these are the additional steps :-

• Add a new port to your selinux (which has some basic ports defined initially) or you can disable it if security is not an issue.
• tell httpd to listen to this port(in my case i added 8082) ,so add the line listen <port-no> in your http conf file

• Change the virtual host to your port number now your virtualhost is set on port 8082

  <VirtualHost *:8082>
      ServerName localhost
  
      ProxyRequests Off
      ProxyVia Off
      ProxyPreserveHost On
  
      <Proxy *>
            Order deny,allow
            Allow from all
      </Proxy>
      <Location "/login/">
            AuthType Basic
            AuthName "Gerrit Code Review"
            AuthBasicProvider file
            AuthUserFile /usr/local/apache/passwd/passwords
            Require valid-user
      </Location>
  
      ProxyPass / http://localhost:8081/
  </VirtualHost>
  

• change the canonical url to port 8082 (so that it redirects it to same port)

• finally restart the apache and Gerrit (access your-host:8082).