Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG  Not logged in ELOG logo
 Back  |  Find  |  Login  |  Help 
Message ID: 69727     Entry time: Sun Feb 18 11:43:07 2024
Icon: Question  Author: James  Author Email: richo-sm@outlook.com 
Category: Question  OS: Linux | Windows  ELOG Version: 3.1.4 
Subject: Webserver Auth Method and Self Registration 

Hi there. I have been testing a set-up of elog behind an Apache reverse proxy using the Webserver auth method. Apache has been configured for LDAPS with Active Directory allowing us to restrict Elogs by AD group, something not able to be done with the LDAP module.

Testing with Elog 3.1.4 (on Windows) and also Elog 3.1.5 (compiled on Ubuntu 20.04) I experience an issue that when the user logs in for the first time using the above they get the self registration box asking for name and email, and then once they hit save they get an error that says: "Error: Command "Config" not allowed".  Once the error is dismissed it never comes back, but its confusing for users who call for help when they first see it.

Is there a way to skip the self registration with the Webserver auth method? and if not is there a reason for the error?

Attached is a copy of the error and an elog config file. Any ideas?

PS. As a side piece the logout options for Webserver needs some enhancement, maybe an option to close the web browser or tab so that it does not retain the logged in cookies.

Attachment 1: login-error.png  3 kB  | Hide | Hide all
login-error.png
Attachment 2: elogd.cfg  2 kB  | Hide | Hide all 
[global]
port = 8080
SSL = 0
Page title = Company X
Entries per page = 25
List page title = Company X
Login page title = Company X
Logbook tabs = 0
Menu commands = Back, New, Find, Download, Logout
List Menu commands = New, Find, Logout
Password file = password.pwd
Max content length = 100000
Allow password change = 0
Enable attachments = 0
Show attachments = 0
Hide attachments = 1
List after submit = 1
Logout to main = 0
Allowed encoding = 5
Default encoding = 1
Welcome title = Electronic LogBook
Summary line = 5
Summary line depth = 100
Show top groups = 0
Search all logbooks = 0
Refresh = 300
Login expiration = 0
Reply string =
Suppress default = 2
Thread display = $category entered by $author on $Entry time
Thread icon = Icon
Preset on reply author = $long_name
All display limit = 300
Start page = ?last=31
Bottom text =
Botton text login =
Resolve host names = 1
Suppress Email on edit = 3

[demo]
Theme = default
Hidden = 1
Authentication = File
Comment = General Linux Tips & Tricks
Attributes = Author, Type, Category, Subject
Options Type = Routine, Software Installation, Problem Fixed, Configuration, Other
Options Category = General, Hardware, Software, Network, Other
Extendable Options = Category
Required Attributes = Author, Type
Page Title = ELOG - $subject
Reverse sort = 1
Quick filter = Date, Type
Logout to URL = https://intranet.xyz/

[elog]
Hidden = 1
Authentication = Webserver
LDAP register = 0
Self register = 0
Theme = default
Comment = Elog Site
Preset Author = $long_name
Locked Attributes = Author
Attributes = Category, Codes, Synopsis, Event Date, Author
Options Synopsis = Yes, No
Style Synopsis Yes = background-color:yellow
Style Medical Yes = background-color:green
Type Event Date = datetime
Preset Event Date = $datetime
Date format %A %B %d %Y %H:%M
List Display = ID, Event Date, Category, Codes, Synopsis, Date, Author
MOptions Category = Test 1, Test 2
MOptions Codes = MED, ACH
Required Attributes = Author, Event Date, Codes
Style Codes MED = background-color:green
Page Title = Company X
Reverse sort = 1
Quick filter = Date, Category, Codes
Sort Attributes = Event Date
Logfile = Elog.log
Logging level = 3
Logout to URL = https://intranet.xyz/
Bottom text =
ELOG V3.1.5-fe60aaf