gerrit http authentication
Solution 1
Took me a while to figure this out.
Tomcat was installed and tested.
Then I copied gerrit war file over and put it in tomcat/webapps. Then from the tomcat manager http://[host]:8080/manager/ I installed it (by clicking the start button)
Then I had to install mysql J Connector. Basically download it from Mysql and copy the jar file into tomcat/lib
Next I created a file in tomcat/webapps/gerrit/META-INF called Context.xml
<Context>
<Resource name="jdbc/ReviewDb" auth="Container" type="javax.sql.DataSource"
maxActive="100" maxIdle="30" maxWait="10000"
username="****" password="******" driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://localhost:3306/reviewdb"/>
</Context>
Because I had used bouncy castle with the daemon I had to copy the .jar file from original install to tomcat/webapps/gerrit/WEB-INF/lib
Then I managed to start gerrit to see if it was working. Try accessing http://[host]:8080/gerrit This should give you an error from gerrit about bad Apache conf.
Than I reconfigured my apache virtual host like this. So I access gerrit with http://gerrit/gerrit
This then uses http auth before passing your request onto the tomcat server.
<VirtualHost *:80>
ServerAdmin adrian@iceweasel
ServerName gerrit
ServerAlias gerrit
ErrorLog "logs/error_log"
CustomLog "logs/access_log" vcommon
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /gerrit/login/>
AuthType Basic
AuthName "Gerrit Code Review"
AuthUserFile /rddata/www/gerrit/users
AuthGroupFile /rddata/www/gerrit/groups
Require group review
Order Deny,Allow
Allow from all
</Location>
ProxyPass /gerrit/ http://127.0.0.1:8080/gerrit/
</VirtualHost>
Solution 2
Try this (no tomcat is needed)
- download gerrit.war
-
initialize a new project
java -jar gerrit.war init -d review
- set auth method to "HTTP"
- check config files of gerrit and apache
etc/gerrit.config
[gerrit]
...
canonicalWebUrl = http://hostname:9091/
...
[httpd]
listenUrl = http://*:9090/
...
vhost config for apache
Listen 9091
<VirtualHost *:9091>
ProxyRequests Off
ProxyVia Off
ProxyPreserveHost On
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
<Location /login/>
AuthType Basic
AuthName "Gerrit Code Review"
AuthUserFile /path/to/gerrit-users
Require valid-user
Order Deny,Allow
Allow from all
</Location>
ProxyPass / http://127.0.0.1:9090/
</VirtualHost>
Solution 3
I know this is an old thread, but I've provided a tutorial on serverfault for setting up Gerrit under tomcat. If you're still interested, here it is:
https://serverfault.com/questions/383573/how-do-i-install-gerrit-under-tomcat-with-ldap
user391986
Updated on September 07, 2022Comments
-
user391986 over 1 year
I'm trying to setup gerrit HTTP authentication. I am reading the documentation at gerrit http authentication which briefly talks about how to setup apache but where exactly do I put this piece of code and configure apache tomcat?
Otherwise, I researched and found out about "siteminder" for http authentication; am I supposed to be using that instead?
My requirements are that I have my own set of user accounts in my custom system and I need each of my user accounts to be able to interact with gerrit so I figured http would allow custom creation/duplicate of each.