Forum Config Examples Contributions Vulnerabilities

Discussion forum about ELOG, Page 239 of 805

Not logged in

Find | Login | Help

New entries since:

Thu Jan 1 01:00:00 1970

Full | Summary | Threaded | Hide attachments

6440 Entries

Goto page Previous 1, 2, 3 ... 238, 239, 240 ... 803, 804, 805 Next

Not Found

The requested file /usr/local/elog/themes/default/blortblortblort7854.htm was not found on this server

ELOG version 3.1.0

Is there any way to use a custom 404 page with elog, or to make it stop displaying the file information?

Thank you,

67884

Wed May 6 15:13:11 2015

parse a correctly the username in save_user_config when using Webserver authentication

Hi Stefan,

When we use Webserver authentication, we have the correct username already in the variable http_user.

The old way of copying this http_user to "user" is wrong since we don't use the size of http_user.

Instead, just encode the http_user variable directly.

See attached patch against git HEAD.

Christof

Attachment 1: parse_http_user_correctly.patch

diff --git a/src/elogd.c b/src/elogd.c
index 601639c..de4734b 100755
--- a/src/elogd.c
+++ b/src/elogd.c
@@ -13142,12 +13142,13 @@ int save_user_config(LOGBOOK * lbs, char *user, BOOL new_user)
 
    /* if we outsourced the authentication, use external username */
    getcfg(lbs->name, "Authentication", str, sizeof(str));
-   if ( stristr(str, "Webserver")) {
-      strlcpy(user, http_user, sizeof(user));
-   }
 
    /* do not allow HTML in user name */
-   strencode2(user_enc, user, sizeof(user_enc));
+   if ( stristr(str, "Webserver")) {
+      strencode2(user_enc, http_user, sizeof(user_enc));
+   } else {
+      strencode2(user_enc, user, sizeof(user_enc));
+   }
 
    /* check for user name */
    if (!isparam("new_user_name") || *getparam("new_user_name") == 0) {

67883

Wed May 6 12:31:04 2015

Documentation of the webserver authentication

Hi Stefan,

here is a draft of how you could describe the webserver authentication in your docs.

T/Christof

Attachment 1: webserver_auth_doc.patch

diff --git a/doc/adminguide.html b/doc/adminguide.html
index da25388..0568ae3 100755
--- a/doc/adminguide.html
+++ b/doc/adminguide.html
@@ -243,6 +243,37 @@ URL = http://your.proxy.host/subdir/
 
 into elogd.cfg.<p>
 
+<h3><hr><i>Using apache authentication:</i></h3>
+It is also possible to login via an apache-auth module.

+In elogd.cfg you should use the keyword "Webserver" for Authentication:
+  
+<ul><pre>
+Authentication = Webserver
+</pre></ul>
+This triggers elogd to use the environment variable "X-Forwarded-User" as the logged in user.

+A simple example of a apache configuration (including the proxy) is :
+<ul><pre>
+# this required to pass on the generated env-variable X-Forwarded-User to the proxy 
+ProxyPassInterpolateEnv On
+
+ProxyPass /elog/ http://your.host.domain:8080/
+
+&lt;Location  "/elog"&gt;
+        Order allow,deny
+        Allow from all     
+        AuthType Basic
+        AuthName "elog-server"
+        AuthUserFile "/opt/elog/htpasswd"
+        require valid-user
+        RequestHeader unset  Authorization
+        RequestHeader add X-Forwarded-User %{REMOTE_USER}s
+        # elog doesn't like the '@', so we need to cut it
+        RequestHeader edit X-Forwarded-User "@(.*)$" ""
+&lt;/Location&gt;
+</pre></ul>
+
+
+
 <hr><a name="imagemagick"> <div class=section>&nbsp; Installing ImageMagick &nbsp;</div> <p> 
 When images are attached to ELOG entries, thumbnails can be created for quick preview.
 This works also for PDF and PostScript files. ELOG forwards any image operation
diff --git a/doc/config.html b/doc/config.html
index 9848f58..9e98855 100755
--- a/doc/config.html
+++ b/doc/config.html
@@ -2207,6 +2207,22 @@ Options Location = Main Building{a}, New Building{b}, Old Building{c}
     you have to change your password by other means (such as via the Windows
     login if you use a Windows Domain).
     </p>
+    <p>
+    Beside the Kerberos authentication, elogd version 3.0 and higher can be configured to accept a authentication done
+    by the webserver. 
+    <ul>
+      <li>
+        <b><code>Authentication = Webserver</code></b>
+      </li>
+    </ul>
+    </p>
+    <p>
+    You can also combine it with other authentication methods as shown for Kerberos.
+    </p>
+    <p>
+    Elogd is then accepting the username set in the Request-Header "X-Forwarded-User" as already logged in.<br/>
+    To make this work, you need to configure the webserver correctly, as describe in the adminguide.
+    </p>
     
     <p>
       <a name="email" id="email"></a>

67882

Wed May 6 11:00:14 2015

logout to external page

Hi Stefan,

I am happy to see that you include the webserver authentication.
So I can now login at some other page and then access elog.
However, I would also need some means of logging out some where else.

For this I propose a new Configuration option "Logout to page" which redirects to another page if set and "Logout to main" is 0.

See the attached patch (against git HEAD)

Does this make sense to you ?

Christof

PS: Many thanks for the autosave mode, I already used it ;-)

Attachment 1: logout_to_page.patch

diff --git a/src/elogd.c b/src/elogd.c
index 601639c..0f976be 100755
--- a/src/elogd.c
+++ b/src/elogd.c
@@ -27975,6 +27975,11 @@ void interprete(char *lbook, char *path)
       if (getcfg(lbs->name, "Logout to main", str, sizeof(str)) && atoi(str) == 1) {
          sprintf(str, "../");
          setparam("redir", str);
+      } else {
+         getcfg(lbs->name, "Logout to page", str, sizeof(str));
+         if (str[0]) {
+             setparam("redir", str);
+         }
       }
       set_sid_cookie(lbs, "", "");
       sid_remove(getparam("sid"));

67881

Tue May 5 12:17:24 2015

Andreas Luedeke

andreas.luedeke@psi.ch

Bug report

Linux

3.1.0

Re: Problem with autosave functionality when combined with no 'edit' button

Oups, now I feel almost a little bit sorry for asking But thank you anyway!!!

You should see it that way: there are millions of possible applications for a smart electronic logbook like ELOG, and most possible combinations of flags and options will make sense for some of them

Stefan Ritt wrote:

Arghhhh! Guess how many people asked me for the autosave feature! I worked really hard on it (including an airplane flight to Japan!), not the next guy comes "can we disable that feature?".

I agree that this feature has many side effects, and I have to adress one by one, but in the end the community will benefit. Think of starting a draft at one computer, and finishing at another one. Lazarus won't help you there.

Nevertheless , I added a "Save drafts" which you can set to zero. But I would rather prefer if people tell me their problems, and I fix them, instead of siletnly just disabling this feature and keeping the bugs there unresolved.

Andreas Luedeke wrote:

By the way Stefan: is there a way to disable the whole draft message feature?

If people are used to e.g. the lazarus addon for firefox, they might prefer their browser to keep their drafts confidential, instead of suffering from accidental premature draft postings ;-)

67880

Tue May 5 12:09:53 2015

Re: Problem with autosave functionality when combined with no 'edit' button

Arghhhh! Guess how many people asked me for the autosave feature! I worked really hard on it (including an airplane flight to Japan!), not the next guy comes "can we disable that feature?".

Andreas Luedeke wrote:

By the way Stefan: is there a way to disable the whole draft message feature?

If people are used to e.g. the lazarus addon for firefox, they might prefer their browser to keep their drafts confidential, instead of suffering from accidental premature draft postings ;-)

Goto page Previous 1, 2, 3 ... 238, 239, 240 ... 803, 804, 805 Next

ELOG V3.1.5-3fb85fa6