Piwigo Bugtracker

Piwigo bug tracker has moved to Github

This bugtracker is kept to provide history on old issues.

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000049Piwigousers & groupspublic2004.08.24 11:222005.07.17 16:26
Assigned Toplg 
Platformi386/P4OSFreeBSDOS Version4.10
Product Version 
Target VersionFixed in Version1.5 branch 
Summary0000049: Use of REMOTE_USER to identify PHPWebGallery user
DescriptionUsing PHPWebGallery together with other applications in a setting where the Apache does the authentication do not work as there is no way to map the remote user to a PHPWebGallery user.
Steps To ReproduceIf authentication is set on the Apache for the PHPWebGallery location, first you get the HTTP authentication box but then is still required to login to PHPWebGallery.
TagsNo tags attached.
Database engine and version
PHP version4.3.8
Web serverApache 2.0.50
Attached Files

- Relationships

-  Notes
plg (manager)
2004.08.24 21:48

Good idea :-) but not in branch 1.3, it would be a new feature for branch 1.4

What do you think about the following test : if $_SERVER['REMOTE_USER'] is set and no $_GET['id'] found, then PhpWebGallery create a session (so a ?id=xyz will be added to PhpWebGallery URLs) ?

A requirement would be that Apache authentication users have same usernames as PhpWebGallery users.
glz (reporter)
2004.08.24 22:35

Yes, it looks OK from what I would expect. And this type of mapping always have to be on userid.

If no match is found, I would assume that a mapping to 'guest' would make the logic for open/closed site work correctly.
plg (manager)
2005.07.10 05:06

A long time has passed (1 year) and the feature still does not exist. But, yesterday, I've been thinking about it. Here is what I propose more precisely :

The goal is to declare users only in your .htaccess associated user file. Once logged through Apache, if PWG is configured to search in Apache authentication method, the session used is the Apache session. No need to create a PWG session.

If no user matches $_SERVER['REMOTE_USER'] in "users" table, PWG automatically creates one. This way, users can customize the behaviour of the application.

I plan to add this for branch 1.5
plg (manager)
2005.07.17 16:26

Feature added on development branch : https://mail.gna.org/public/phpwebgallery-cvs/2005-07/msg00004.html [^]

This feature will be available in stable branch 1.5

- Issue History
Date Modified Username Field Change
2004.08.24 11:22 glz New Issue
2004.08.24 21:48 plg Note Added: 0000022
2004.08.24 21:49 plg Assigned To => plg
2004.08.24 21:49 plg Reproducibility always => N/A
2004.08.24 21:49 plg Status new => assigned
2004.08.24 21:49 plg Product Version 1.3.2 => 1.4
2004.08.24 22:35 glz Note Added: 0000026
2005.05.01 08:12 plg Product Version 1.4 branch =>
2005.07.10 05:06 plg Note Added: 0000189
2005.07.17 16:26 plg Note Added: 0000196
2005.07.17 16:26 plg Status assigned => closed
2005.07.17 16:26 plg Resolution open => fixed
2005.07.17 16:26 plg Fixed in Version => 1.5 branch

Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker