Message5253
> John Kristensen added the comment:
> On 27/02/15 19:40, Anthony wrote:
>> Greetings.
>>
>> Because of facing the problem with "REMOTE_USER" i can't appreciate
>> evenly how many users face the same.
>>
>> Also i want you to pay attention to another part of patch:
>>
>> 2.c " Make all HTTP-request options available in internal environment as
>> "HTTP_" prefixed variable, not just few hardcoded" which make benefit
>> of passing options from reverse proxy (may be not in the same system)
>> to roundup internals.
> If it is possible to write a Login action that makes use of HTTP
> environment variables, then I can see some value in passing these
> through without being filtered. But are there any other use-cases where
> the environment variables would actually be used? Would these use-cases
> be any different from the existing "is a username set? if so, log them in".
First of all, i explored this few month ago so i can forget
somethings about the issue.
It is possible to write a Login action that makes use of HTTP
variables. Unfortunately, there is a lack of HTTP environment
variables. There are few hardcoded.
> I'm not very familiar with this section of code though, so maybe someone
> else can provide some comment on this.
> Did you have a look at the serverfault link I mentioned in my last
> response? Was it a workable solution? If it is then I think it would be
> a preferable solution to fix this sort of issue outside of round (and
> document these sort of solutions) than attempting to solve them within
> roundup.
They suggest to change REMOTE_USER to other name (proxy-user) before proxying and
on the backend rename it back REMOTE_USER . The problem is that 'backend' is roundup.
As i remember there are a some more problem passing variables. They
prefixed with REDIRECT_.
>>
>> P.S. May be somebody do a review of another patch
>> http://issues.roundup-tracker.org/issue2550871
>>
>> P.P.S. The text above sended via email has returned with folowing error:
>>
>> There were problems handling your subject line argument list:
>> - not of form [arg=value,value,...;arg=value,value,...]
>>
> My guess is because of the "[proposed patch]" in the subject (which may
> now be removed because I have snipped it from my response... wei'll see.
> ----------
> title: New option for web auth [proposed patch] -> New option for web auth
> ________________________________________________
> Roundup tracker <issues@roundup-tracker.org>
> <http://issues.roundup-tracker.org/issue2550837>
> ________________________________________________ |
|
Date |
User |
Action |
Args |
2015-03-04 11:59:20 | antmail | set | recipients:
+ antmail, ber, rouilj, techtonik, jerrykan |
2015-03-04 11:59:20 | antmail | link | issue2550837 messages |
2015-03-04 11:59:19 | antmail | create | |
|