 Relationships |
|
| Anonymous | Login | Signup for a new account | 2013.05.26 03:19 CEST |
| Main | My View | View Issues | Change Log | Roadmap | Docs |
| Viewing Issue Advanced Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
| 0000049 | [Piwigo] users & groups | feature | N/A | 2004.08.24 11:22 | 2005.07.17 16:26 | ||
| Reporter | glz | View Status | public | ||||
| Assigned To | plg | ||||||
| Priority | normal | Resolution | fixed | Platform | i386/P4 | ||
| Status | closed | OS | FreeBSD | ||||
| Projection | none | OS Version | 4.10 | ||||
| ETA | none | Fixed in Version | 1.5 branch | Product Version | |||
| Target Version | Product Build | ||||||
| Summary | 0000049: Use of REMOTE_USER to identify PHPWebGallery user | ||||||
| Description | Using PHPWebGallery together with other applications in a setting where the Apache does the authentication do not work as there is no way to map the remote user to a PHPWebGallery user. | ||||||
| Steps To Reproduce | If authentication is set on the Apache for the PHPWebGallery location, first you get the HTTP authentication box but then is still required to login to PHPWebGallery. | ||||||
| Additional Information | |||||||
| Tags | No tags attached. | ||||||
| browser | any | ||||||
| Database engine and version | |||||||
| PHP version | 4.3.8 | ||||||
| Web server | Apache 2.0.50 | ||||||
| Attached Files | |||||||
|
|
|||||||
|
Relationships |
|
|
Notes |
|
|
(0000022) plg (manager) 2004.08.24 21:48 |
Good idea :-) but not in branch 1.3, it would be a new feature for branch 1.4 What do you think about the following test : if $_SERVER['REMOTE_USER'] is set and no $_GET['id'] found, then PhpWebGallery create a session (so a ?id=xyz will be added to PhpWebGallery URLs) ? A requirement would be that Apache authentication users have same usernames as PhpWebGallery users. |
|
(0000026) glz (reporter) 2004.08.24 22:35 |
Yes, it looks OK from what I would expect. And this type of mapping always have to be on userid. If no match is found, I would assume that a mapping to 'guest' would make the logic for open/closed site work correctly. |
|
(0000189) plg (manager) 2005.07.10 05:06 |
A long time has passed (1 year) and the feature still does not exist. But, yesterday, I've been thinking about it. Here is what I propose more precisely : The goal is to declare users only in your .htaccess associated user file. Once logged through Apache, if PWG is configured to search in Apache authentication method, the session used is the Apache session. No need to create a PWG session. If no user matches $_SERVER['REMOTE_USER'] in "users" table, PWG automatically creates one. This way, users can customize the behaviour of the application. I plan to add this for branch 1.5 |
|
(0000196) plg (manager) 2005.07.17 16:26 |
Feature added on development branch : https://mail.gna.org/public/phpwebgallery-cvs/2005-07/msg00004.html [^] This feature will be available in stable branch 1.5 |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2004.08.24 11:22 | glz | New Issue | |
| 2004.08.24 21:48 | plg | Note Added: 0000022 | |
| 2004.08.24 21:49 | plg | Assigned To | => plg |
| 2004.08.24 21:49 | plg | Reproducibility | always => N/A |
| 2004.08.24 21:49 | plg | Status | new => assigned |
| 2004.08.24 21:49 | plg | version | 1.3.2 => 1.4 |
| 2004.08.24 22:35 | glz | Note Added: 0000026 | |
| 2005.05.01 08:12 | plg | version | 1.4 branch => |
| 2005.07.10 05:06 | plg | Note Added: 0000189 | |
| 2005.07.17 16:26 | plg | Note Added: 0000196 | |
| 2005.07.17 16:26 | plg | Status | assigned => closed |
| 2005.07.17 16:26 | plg | Resolution | open => fixed |
| 2005.07.17 16:26 | plg | Fixed in Version | => 1.5 branch |
| Mantis 1.1.6[^] Copyright © 2000 - 2008 Mantis Group Contact |  |
