John Fawcett
2020-Nov-15 14:33 UTC
[patch] enhancement for tika server protected by user/password basic auth
Hi
The existing code is designed for a tika server on local host, or on a
remote host that is either accessable to all or for example taht is
protected by ip restrictions via a proxy in front of it.
I've configured a tika server behind an apache proxy which enforces
basic auth, but sending basic auth credentials for a tika server is not
currently supported by Dovecot.
The following patch allows to have user and password specified in the
fts_tika url in much the same way you can for fts_solr.
fts_tika = https://user:password at tika_host/tika
John
--- dovecot-2.3.11.3-orig/src/plugins/fts/fts-parser-tika.c????
2020-08-12 14:20:41.000000000 +0200
+++ dovecot-2.3.11.3/src/plugins/fts/fts-parser-tika.c? 2020-11-15
15:18:24.351281064 +0100
@@ -57,7 +57,7 @@
??????? tuser = p_new(user->pool, struct fts_parser_tika_user, 1);
??????? MODULE_CONTEXT_SET(user, fts_parser_tika_user_module, tuser);
-?????? if (http_url_parse(url, NULL, 0, user->pool,
+?????? if (http_url_parse(url, NULL, HTTP_URL_ALLOW_USERINFO_PART,
user->pool,
?????????????????????????? &tuser->http_url, &error) < 0) {
??????????????? i_error("fts_tika: Failed to parse HTTP url %s: %s",
url, error);
??????????????? return -1;
@@ -152,6 +152,11 @@
??????????????????????? http_url->host.name,
??????????????????????? t_strconcat(http_url->path, http_url->enc_query,
NULL),
??????????????????????? fts_tika_parser_response, parser);
+??????? if (http_url->user != NULL) {
+??????????????? http_client_request_set_auth_simple(
+??????????????????????? http_req, http_url->user, http_url->password);
+??????? }
+
??????? http_client_request_set_port(http_req, http_url->port);
??????? http_client_request_set_ssl(http_req, http_url->have_ssl);
??????? if (parser_context->content_type != NULL)
PGNet Dev
2020-Nov-15 14:49 UTC
[patch] enhancement for tika server protected by user/password basic auth
On 11/15/20 6:33 AM, John Fawcett wrote:> I've configured a tika server behind an apache proxy which enforces > basic auth, but sending basic auth credentials for a tika server is not > currently supported by Dovecot.i was _just_ setting up a tika instance behind a nginx proxy with basicauth in place. hadn't yet gotten to the "can't pass auth creds in dovecot" bit. thx! for the patch; hopefully the premise/patch will get picked up. (ya-request for a proper @dovecot public bug/issue queue!) have you found any other 'magic required' to get solr & tika indexing text/attachments, respectively, in Dovecot context? is it as straightforward as spec'ing the 'fts_solr' & 'fts_tika' urls, and Dovecot does the passing-around correctly?
John Fawcett
2020-Nov-15 17:10 UTC
[patch] enhancement for tika server protected by user/password basic auth
On 15/11/2020 15:49, PGNet Dev wrote:> On 11/15/20 6:33 AM, John Fawcett wrote: >> I've configured a tika server behind an apache proxy which enforces >> basic auth, but sending basic auth credentials for a tika server is not >> currently supported by Dovecot. > > i was _just_ setting up a tika instance behind a nginx proxy with > basicauth in place. > > hadn't yet gotten to the "can't pass auth creds in dovecot" bit. > thx! for the patch; hopefully the premise/patch will get picked up. > (ya-request for a proper @dovecot public bug/issue queue!) > > have you found any other 'magic required' to get solr & tika indexing > text/attachments, respectively, in Dovecot context? > is it as straightforward as spec'ing the 'fts_solr' & 'fts_tika' urls, > and Dovecot does the passing-around correctly?I've just started using tika myself, but from my tests, it's as simple as adding fts_tika to a working solr integration. John