Sorry...My setting is error....

PythonOption WebCert /root/genca/certs/kojiweb.pem -> PythonOption WebCert /root/genca/kojiweb.pem

but...another messages is feeback..

Mod_python error: "PythonHandler mod_python.publisher"


Traceback (most recent call last):

  File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch
    result = object(req)

  File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 213, in handler

    published = publish_object(req, object)

  File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 412, in publish_object
    return publish_object(req,util.apply_fs_data(object, req.form, req=req))


  File "/usr/lib/python2.4/site-packages/mod_python/util.py", line 439, in apply_fs_data
    return object(**args)

  File "/usr/share/koji-web/scripts/index.py", line 144, in login
    if not _sslLogin(req, session, username):


  File "/usr/share/koji-web/scripts/index.py", line 56, in _sslLogin
    proxyuser=username)

  File "__init__.py", line 1233, in ssl_login

  File "__init__.py", line 1278, in callMethod


  File "__init__.py", line 1304, in _callMethod

AuthError: /C=TW/ST=Taiwan/O=OSSII/CN=web.ossii.com.tw/emailAddress=kevin.lin@ossii.com.tw is not authorized to login other users



2008/7/18 Linul <kevin.linul@gmail.com>:
Hi..

I have already setup my koji-cli、 kojid、koji-hub、koji-web、kojira, and test ok,but still have a problem,it is web UI login

I have already import the cert. when I login the Web UI, the messages is:
Mod_python error: "PythonHandler mod_python.publisher"

Traceback (most recent call last):

  File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch


    result = object(req)

  File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 213, in handler
    published = publish_object(req, object)

  File "/usr/lib/python2.4/site-packages/mod_python/publisher.py", line 412, in publish_object


    return publish_object(req,util.apply_fs_data(object, req.form, req=req))

  File "/usr/lib/python2.4/site-packages/mod_python/util.py", line 439, in apply_fs_data
    return object(**args)

  File "/usr/share/koji-web/scripts/index.py", line 144, in login


    if not _sslLogin(req, session, username):

  File "/usr/share/koji-web/scripts/index.py", line 56, in _sslLogin
    proxyuser=username)

  File "__init__.py", line 1232, in ssl_login



  File "XMLRPCServerProxy.py", line 74, in __init__

  File "SSLCommon.py", line 38, in CreateSSLContext

StandardError: /root/genca/certs/kojiweb.pem does not exist or is not readable
My kojiweb.conf:

    PythonDebug On
    PythonOption KojiHubURL http://koji.ossii.com.tw/kojihub
    PythonOption KojiWebURL http://koji.ossii.com.tw/koji
    PythonOption KojiPackagesURL http://koji.ossii.com.tw/koji/packages
    #PythonOption WebPrincipal koji/kevin.lin@ossii.com.tw
    #PythonOption WebKeytab /etc/httpd.keytab
    #PythonOption WebCCache /var/tmp/kojiweb.ccache
    PythonOption WebCert /root/genca/certs/kojiweb.pem
    PythonOption ClientCA /root/genca/koji_ca_cert.crt
    PythonOption KojiHubCA /root/genca/koji_ca_cert.crt

My web user is "admin", and have a record in postgresql, also can user koji instruction as normal.

and I create the web cert step is:

openssl pkcs12 -export -inkey certs/admin.key -in certs/admin.crt -CAfile koji_ca_cert.crt \


-out certs/admin_browser_cert.p12

thanks..


--
=============================================================================
林毓能
Linul
RedHat Certified Engineer

TsLG網路工作室:http://www.tslg.idv.tw
TsLG城市午後:http://blog.tslg.idv.tw
Linul攝影紀實:http://photo.tslg.idv.tw
手機:0939797462
E-mail : kevin.linul@gmail.com; linul@tslg.idv.tw
=============================================================================



--
=============================================================================
林毓能
Linul
RedHat Certified Engineer

TsLG網路工作室:http://www.tslg.idv.tw
TsLG城市午後:http://blog.tslg.idv.tw
Linul攝影紀實:http://photo.tslg.idv.tw
手機:0939797462
E-mail : kevin.linul@gmail.com; linul@tslg.idv.tw
=============================================================================