submissions via the elog - program can overwrite entries even if the user has no edit rights

Since there's no answer to that.
I am the only one with the problem? Did I just configure something wrong?
Thanks Heinz

There are two ways:

1) Use different password files for different logbooks. Each password file contains only those users which have access to that logbook.

2) Use "Login user = <usr list>" to restrict access to certain users in that list.

Stefan

Thanks for the answer. The real problem is that you can overwrite existing entries even if you have set an entry to "read only", i.e. you have forbidden further editing.

Heinz

There is no "read only" flag. Please describe what you exactly did. Probably you want "Restrict edit time" for that.

Stefan

Sorry, 

I meant "read only" by using "Restrict edit time" settings. e.g.

Restrict edit time = 24

I understand this to mean that an entry should not be able to be modified after 24 hours.

Heinz

So you are telling me that "Restrict edit time" is not working correctly? In order to fix any problem, I have to reproduce it. Can you post a minimel elogd.cfg file with which I can reproduce the problem?

Stefan

I ask my users where they had the problems and then create a demo for testing.
Thanks Heinz

Stefan, will send the info off this forum.

Heinz

Ok, I found the issue. The "Restrict edit time" is only checked when one clicks on "Edit" in the browser. The elog command line tool does not really an edit, but just submits an entry with an (old) ID. I added a check also for that case so now it should work. The commit is in git.

Stefan

We're running elogd behind an apache proxy server, with Authentication = Webserver. We have top groups configured, but a single shared password file.

If a user is looking at a particular logbook and goes to the Config link, they are presented with a list of checkboxes for email subscription to logbooks in that top group.  Clicking "Save" will remove all email subscriptions from all other top groups.

Is there a workaround to this issue?

EDIT: Manually adding an entry for different logbooks in the password file gets clobbered the next time the user logs in.

Top groups should use separate password files, otherwise things can mess up.

Stefan

Hi and thanx for such a wonderful program! I was wondering how I might edit, change or add to the landing pages. In other words the first pages that show up (or any for that matter) when you login to a book. I can view the code ok in my browser using that function, but when I search for the actual page and it's locale, I cannot find it. Is it created on the fly by the server? If so, how can I change them.. as I want to add for instance javascripts to manipulate the pages and data more, without actually loosing the main essence of the program (log books). Thanx

Well I answered part of my own question already.. I can have a start page different from what is default, and I can edit the orginal one by simply copying it and modifiying it to my hearts desire. I still have isues  after making menu selections from that page tho,  when the program (server) takes me to a site called  for example: ../forum/index.html?cmd=Config. I cannot find out how to prevent or modify this behaviour. I am supposing tho, that because I am using my own original index.html (start page), that the program is not modifying it (on the fly), like it does with the oringal web pages?  I am also still currious if the program does indeed create/modify pages on the fly, and if it does, where does it store them on my hard drive (or is it only put in memory temporaly?). Thanx again :)

Per default, all pages are created dynamically by elogd directly from its C code. So nothing to change easily except hacking the code. There is one exception which is the start page you found already. To change any other page, you have to modify the C code. There is one more (dirty) trick: You can sneak in JavaScript code on every page via the "bottom text" option. This code can then modify the DOM tree and changes pages, but you need to program this in JavaScript.

Stefan

Wow Stefan thanks for your kind reply.  This gives me a reason to finally pickup JavaScript, which I am finding both easy and fun, esepcially with all the modules/coding out there already, which makes things easier to do while learning it! I will let you know as I progress on my 'top secret' hack of your masterpiece ;)

As the title says, we have our elog running behind an Apache proxy that is also providing authentication. We also have top groups enabled.  The first time a user views a top group page with a fresh browser cache, the index is delivered, but requests for elog.css and lock.png are returned with http 302 with location set to the elog root.  (I.e., if the server is proxied under server.example.com/logs,  the first request for server.example.com/logs/TopGroup1/elog.css returns a 302 with location set to server.example.com/logs// ). 

Any subsequent visits return the files fine. The attached screenshot shows the network requests in chrome. 

Is this a proxy configuration issue, something we've set wrong in elog, ??

Looks more like a bug to me. Will investigate.

Stefan

Dear users,

we started an elog serveur (using ssl) and open to the world which is working fine.

However I am trying to access it via the command line client, from a computer that uses a proxy to connect to internet.

The environnment variable are set :

declare -x ftp_proxy="ftp://myproxy:3128/"
declare -x http_proxy="http://myproxy:3128/"
declare -x https_proxy="https://myproxy:3128/"
declare -x socks_proxy="socks://myproxy:3128/"
 

but when I try to connect

elog  -h myelog -p 443 -l lognote -s 1 -u username passwd  -w last

I have the following message :

Cannot connect to host myelog, port 44

How should I proceed ?

Best regards

JG

:

The "elog" client does unfortunately not support proxies. You could however achieve the same with the "curl" tool. Have a look at elog:68597

Stefan

I know you can restrict access to logbooks on per user basis but can anyone tell me if it is possible to HIDE certain logbook tabs/groups on per user basis (ie, so they would just see logbooks they are authorized to see)?

In CentOS 7.6 + Apache httpd-2.4.6 + ELOG V3.1.4 environment with Reverse Proxy setting of

/etc/httpd/conf/httpd.conf
 :
ProxyRequests Off
RedirectMatch ^/elog$ /elog/
<Location /elog/>
ProxyPass                      http://mmm.riken.jp:3333/ 
ProxyPassReverse         http://mmm.riken.jp:3333/
ProxyPassReverseCookiePath   /      /elog/
</Location>
:
It almost works fine.  But Changing password has problem. 

When clicking the "Forget password?" link in login window and displaying "Entering your user name or email address"
and entering it, an email is sent to the user:

----
This is an automatically generated account recovery email for host mmmm.riken.jp.
Please click on following link to recover your account:

http://mmm.riken.jp/elog/?redir=%3Fcmd%3DChange+password%26oldpwd%3DIHCPHXNTMJGEYDKY&uname=test&upassword=IHCPHXNTMJGEYDKY

ELOG Version 3.1.4
---

Clicking the URL above in the Firefox Browser results invalid URL: 

http://mmm.riken.jp/?cmd=Change%20password&oldpwd=IHCPHXNTMJGEYDKY

These parameters does not pass to the elog by the Reverse Proxy setting above.

 While accessing the URL of (native elog port: 3333)

http://mmm.riken.jp:3333/?cmd=Change%20password&oldpwd=IHCPHXNTMJGEYDKY

displays the normal page for Changing password windows for the user.

Is there any suggestions for the Reverse Proxy setting in Apache httpd 2.4 
so that the changing password windows works fine ?

Thank you for any suggestions.

The problem was resolved. I forgot to do this statement...

https://elog.psi.ch/elog/adminguide.html
Because elogd uses links to itself (for example in the email notification and the redirection after a submit), it has to know under which URL it is running. If you run it under a proxy, you have to add the line:

    URL = http://your.proxy.host/subdir/

into elogd.cfg.

After inserting the URL in elogd.cfg, elog works correctly with Reverse Proxy Setting of Apache 2.4.

Dear Supporters,

I am evaluating the elog software as lobgook for high energy pgysics and I was just wondering the interface with SSO from the login point of view. Once euthenticated with SSO, can this authentication be also recognized by elog?

Thank you so much

Best Regards,

PAtricia

ELOG understands kerberos authentication (See https://elog.psi.ch/elog/config.html#access).

If your SSO works with kerberos, then your SSO user name and password can be used to sign in to ELOG. But I'm not sure if that is what you are asking for...

Cheers, Andreas