use with non standard md5 replacement was 403 Error

[cminder]

I'm getting the following error:
2016-10-18 09:41:05,097 newrelic_marklogic_plugin.http_utils DEBUG dereference http GET
2016-10-18 09:41:05,097 newrelic_marklogic_plugin.http_utils DEBUG http://XX.XXX.158.66:8002/manage/v2?view=status&format=json
2016-10-18 09:41:05,104 newrelic_marklogic_plugin.http_utils ERROR HTTP Request returned 403 when accessing http://XX.XXX.158.66:8002/manage/v2?view=status&format=json , check configuration.
I can get to the url via curl with the --anyauth flag and the credentials I have setup in the newrelic_marklogic.conf file
auth = DIGEST

[xquery]

403 means you cannot access MarkLogic itself... it seems odd that you can access with curl and not with python - as with #6 if you can provide conf file, operating system I can try and deduce what is up.

[cminder]

2016-10-18 13:27:10,948 newrelic_marklogic_plugin DEBUG init plugin
2016-10-18 13:27:10,949 newrelic_marklogic_plugin INFO newrelic_marklogic plugin now
sending statuses to NewRelic Plugin API (to see more log messages change log_level=DEBU
G).
2016-10-18 13:27:10,949 newrelic_marklogic_plugin DEBUG retrieve statuses and update
newrelic
2016-10-18 13:27:10,949 newrelic_marklogic_plugin.http_utils DEBUG dereference http G
ET
2016-10-18 13:27:10,949 newrelic_marklogic_plugin.http_utils DEBUG http://10.153.158.
66:8002/manage/v2?view=status&format=json
2016-10-18 13:27:10,956 newrelic_marklogic_plugin.http_utils DEBUG cminder
2016-10-18 13:27:10,956 newrelic_marklogic_plugin.http_utils DEBUG PasswordML
2016-10-18 13:27:10,956 newrelic_marklogic_plugin.http_utils DEBUG <requests.auth.HTT
PDigestAuth object at 0x7f98bdebd5d0>
2016-10-18 13:27:10,956 newrelic_marklogic_plugin.http_utils DEBUG {'Accept': 'applic
ation/json'}
2016-10-18 13:27:10,956 newrelic_marklogic_plugin.http_utils ERROR HTTP Request retur
ned 403 when accessing http://10.153.158.66:8002/manage/v2?view=status&format=json , che
ck configuration.

[xquery]

thanks this is related to replacement of md5 ... will investigate

[xquery]

can you provide us with the hashlib that was replaced ?

[xquery]

if you craft an example connect to :8002/manage/v2 with python requests library that should fail.

[xquery]

offline conversation - @cminder clarified.. can you tell us specifically how ?

In the interim please try installing new python package which has the latest python requests library

https://pypi.python.org/pypi/newrelic_marklogic_plugin/0.2.5

to install

pip install newrelic_marklogic_plugin 

or download release from

https://github.com/marklogic/newrelic-plugin/releases/tag/0.2.5

[xquery]

any followup ?

[cminder]

For FIPS 140-2 compliance, the openssl installation was built without the MD5 hashlib. Unfortunately, this is the only details concerning this I have to offer.

[xquery]

ok - I will research what impact that is having on python standard libs and python requests module which the newrelic plugin relies upon.

[xquery]

in my research I see others have encountered issues with FIPS 140-2 compliance with python

ansible/ansible#9429

still cogitating if I can get python requests module to do a custom alg to the response challenge.