| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
66956
|
Thu Nov 25 17:34:28 2010 |
 | Christoph Kukulies | kukulies@physik.rwth-aachen.de | Question | Linux | 2.8.0-2313 | Re: Don't see login page - Self register = 1 |
| Yoshio Imai wrote: | Hi!
| Christoph Kukulies wrote: | I cannot get the login screen. I'm connecting to a logbook (and I can do this without logging in).
Shouldn't I get a screen to login/register? |
| Christoph Kukulies wrote: | | Guest menu commands = List, Find, Login, Help |
I might be wrong, but since you have defined "Guest menu commands", you should indeed be able to read the logbooks without logging on, only write access should be prevented. Do you get the login window when you explicitly click onto the "Login" link?
Also, I noticed that your user lists are space-separated, although as far as I know they should be comma-separated.
I hope this helps!
Yoshio |
Thanks. That was exactly what Stefan pointed me to (in private EMail which I resorted to in my desperation  .
This config (also thanks to Stefan) now works.
[global]
Port=8880
SSL=1
Self register = 1
Password file = passwd
[Demo]
Attributes = Author, Status
[Linux]
Attributes = Author, Status
[Windows]
Attributes = Author, Status
I only need to know how I get an admin passwd and user into the passwd file.
elogd -a password -l logbook does not have the desired effect. It spoils the cfg-file
again with Admin Password commands.
--
Christoph |
|
66959
|
Fri Nov 26 12:31:42 2010 |
 | Christoph Kukulies | kukulies@physik.rwth-aachen.de | Question | Linux | 2.8.0-2344 | New User in Config Menu ? | I see only Save Back Change Password Remove User in Config Menu.
How can I create a New User?
[global]
Port=8880
SSL=1
;Self register = 1
Password file = passwd
admin user = kuku
SMTP host = smtp.mydomain
[Demo]
Attributes = Author, Status
The documentation is mentioning a Config Menu and a New User item there.
--
Christoph
|
|
66961
|
Fri Nov 26 16:22:05 2010 |
| Christoph Kukulies | kukulies@physik.rwth-aachen.de | Question | Linux | 2.8.0-2344 | Re: New User in Config Menu ? |
| Stefan Ritt wrote: |
|
| Christoph Kukulies wrote: |
|
I see only Save Back Change Password Remove User in Config Menu.
How can I create a New User?
[global]
Port=8880
SSL=1
;Self register = 1
Password file = passwd
admin user = kuku
SMTP host = smtp.mydomain
[Demo]
Attributes = Author, Status
The documentation is mentioning a Config Menu and a New User item there.
|
You have to be admin user to see that Config Menu.
Admin user = kukulies (or whatever your login name is)
|
Thanks. You see in the elogd.cfg above that there is
admin user = kuku
Aaah, case sensitive ! !
--
Christoph
|
|
67142
|
Wed Nov 2 10:49:02 2011 |
| Christoph Kukulies | kukulies@physik.rwth-aachen.de | Question | Linux | 2.8.0 | multiple homes? | Is it possible to have many roots with one elogd (or run several elogds), such that you can seaparate different groups or themes from each other:
electronics
trigger
power
mechanics
detector
support
Thanks.
Christoph
|
|
67145
|
Mon Nov 7 10:12:04 2011 |
| Christoph Kukulies | kukulies@physik.rwth-aachen.de | Question | Linux | 2.8.0 | Re: multiple homes? |
| Stefan Ritt wrote: |
|
| Christoph Kukulies wrote: |
|
Is it possible to have many roots with one elogd (or run several elogds), such that you can seaparate different groups or themes from each other:
electronics
trigger
power
mechanics
detector
support
Thanks.
Christoph
|
Have a look at "top groups" in the documentation
|
Thanks. I got it working so far. One minor glitch:
I have one topgroup (with 2 subgroups),
electronics
trigger
power
and onother topgroup (only 1 subgroup)
mechanics
detector
When I get the login screen for the second (with the only one subgroup) it says in the header:
"Several logbooks are defined on this host. Please select the one to connect to:"
and below only the one group (detector) is shown, so actually nothing to select.
This may be possibly achieved by not defining a subgroup for the second one and leaving it as a topgroup,
but I don't know how it behaves, when the group admin decides to create a subgroup. Can he do
without requiring superuser or elog permissions?
--
Christoph
|
|
67178
|
Mon Jan 30 09:31:51 2012 |
| Christof Hanke | hanke@rzg.mpg.de | Question | Linux | 2.9.0 | Re: el cheapo LDAP binding | Hi Christian,
I have also the need to do auth on the webserver, but I tried to integrate it into elogd as far as I could.
However, I do not try to set a special cookie to set the username, but always use
"X-Forwarded-User". Like this, every request is authenticated by the webserver in front.
If that's not too heavy for you, try out the applied patch.
HTH,
Christof
PS:
@Stefan:
If you are willing to integrate this into the official tree,
I can provide some docs for it (like setting author
directly etc.)
-----------------------------------------------------------------
Christof Hanke e-mail hanke@rzg.mpg.de
RZG (Rechenzentrum Garching) phone +49-89-3299-1041
Computing Center of the Max-Planck-Gesellschaft (MPG) and the
Institut für Plasmaphysik (IPP)
| Christian Herzog wrote: |
|
Hi all,
we would like to hook elog to our LDAP server. Instead of writing a full-featured LDAP auth module for elog, I have the following idea: use Apache's LDAP module to require LDAP auth for a single logbook:
<Location /elog/admin>
Use PhysLDAP
Use RequirePhysLDAPGroup isg
RewriteEngine On
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader add X-Forwarded-User %{RU}e
</Location>
the two Use statements are Apache macros that define our LDAP settings. The last 4 lines are necessary for Apache to pass on the logged in user to the proxied elog (ends up in ENV X-Forwarded- User).
In elogd.c, I added
/* extract REMOTE_USER */
if ((p = strstr(request, "X-Forwarded-User:")) != NULL) {
p += 17;
while (*p && *p == ' ')
p++;
strlcpy(remote_user, p, sizeof(remote_user));
if (strchr(remote_user, '\r'))
*strchr(remote_user, '\r') = 0;
char sid[32];
/* get a new session ID */
sid_new(NULL, remote_user, (char *) inet_ntoa(rem_addr), sid);
/* set SID cookie */
set_sid_cookie(NULL, sid);
// TODO: set lbs!
}
to process_http_request in order to extract the LDAP login. I have managed to populate the author field with remote_user, but what I'd really like is to write a cookie containing this login name so that session handling kicks in. You can see that I attempt to write a cookie, but elogd segfaults at set_sid_cookie() (gdb backtrace:
set_cookie (lbs=0x0, name=0x483b22 "sid", value=0x7ffffffd7590 "4831386B7B333A99",
global=0, expiration=0x7ffffffd7300 "")
Would anyone be willing to help me with this? I'm not at all familiar with the program flow in elogd and my C is a bit rusty...
thanks,
-Christian
--
Dr. Christian Herzog <herzog@phys.ethz.ch> support: +41 44 633 26 68
IT Services Group, HPT H 8 voice: +41 44 633 39 50
Department of Physics, ETH Zurich
8093 Zurich, Switzerland http://nic.phys.ethz.ch/
|
|
|
67882
|
Wed May 6 11:00:14 2015 |
 | Christof Hanke | hanke@rzg.mpg.de | Request | All | 3.1.0 | logout to external page | Hi Stefan,
I am happy to see that you include the webserver authentication.
So I can now login at some other page and then access elog.
However, I would also need some means of logging out some where else.
For this I propose a new Configuration option "Logout to page" which redirects to another page if set and "Logout to main" is 0.
See the attached patch (against git HEAD)
Does this make sense to you ?
Christof
PS: Many thanks for the autosave mode, I already used it ;-)
|
|
67883
|
Wed May 6 12:31:04 2015 |
 | Christof Hanke | hanke@rzg.mpg.de | Comment | All | 3.1.0 | Documentation of the webserver authentication | Hi Stefan,
here is a draft of how you could describe the webserver authentication in your docs.
T/Christof |
|