| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
67883
|
Wed May 6 12:31:04 2015 |
 | Christof Hanke | hanke@rzg.mpg.de | Comment | All | 3.1.0 | Documentation of the webserver authentication |
Hi Stefan,
here is a draft of how you could describe the webserver authentication in your docs.
T/Christof |
| Attachment 1: webserver_auth_doc.patch
|
diff --git a/doc/adminguide.html b/doc/adminguide.html
index da25388..0568ae3 100755
--- a/doc/adminguide.html
+++ b/doc/adminguide.html
@@ -243,6 +243,37 @@ URL = http://your.proxy.host/subdir/
into elogd.cfg.<p>
+<h3><hr><i>Using apache authentication:</i></h3>
+It is also possible to login via an apache-auth module.
+In elogd.cfg you should use the keyword "Webserver" for Authentication:
+
+<ul><pre>
+Authentication = Webserver
+</pre></ul>
+This triggers elogd to use the environment variable "X-Forwarded-User" as the logged in user.
+A simple example of a apache configuration (including the proxy) is :
+<ul><pre>
+# this required to pass on the generated env-variable X-Forwarded-User to the proxy
+ProxyPassInterpolateEnv On
+
+ProxyPass /elog/ http://your.host.domain:8080/
+
+<Location "/elog">
+ Order allow,deny
+ Allow from all
+ AuthType Basic
+ AuthName "elog-server"
+ AuthUserFile "/opt/elog/htpasswd"
+ require valid-user
+ RequestHeader unset Authorization
+ RequestHeader add X-Forwarded-User %{REMOTE_USER}s
+ # elog doesn't like the '@', so we need to cut it
+ RequestHeader edit X-Forwarded-User "@(.*)$" ""
+</Location>
+</pre></ul>
+
+
+
<hr><a name="imagemagick"> <div class=section> Installing ImageMagick </div> <p>
When images are attached to ELOG entries, thumbnails can be created for quick preview.
This works also for PDF and PostScript files. ELOG forwards any image operation
diff --git a/doc/config.html b/doc/config.html
index 9848f58..9e98855 100755
--- a/doc/config.html
+++ b/doc/config.html
@@ -2207,6 +2207,22 @@ Options Location = Main Building{a}, New Building{b}, Old Building{c}
you have to change your password by other means (such as via the Windows
login if you use a Windows Domain).
</p>
+ <p>
+ Beside the Kerberos authentication, elogd version 3.0 and higher can be configured to accept a authentication done
+ by the webserver.
+ <ul>
+ <li>
+ <b><code>Authentication = Webserver</code></b>
+ </li>
+ </ul>
+ </p>
+ <p>
+ You can also combine it with other authentication methods as shown for Kerberos.
+ </p>
+ <p>
+ Elogd is then accepting the username set in the Request-Header "X-Forwarded-User" as already logged in.<br/>
+ To make this work, you need to configure the webserver correctly, as describe in the adminguide.
+ </p>
<p>
<a name="email" id="email"></a>
|
|
67915
|
Wed May 20 01:45:09 2015 |
| Konstantin Olchanski | olchansk@triumf.ca | Bug report | Linux | 3.1.0 | elogd complains about unknown cookies |
elogd is spewing these messages about unknown cookies:
Received unknown cookie "is_returning"
Received unknown cookie "__utma"
Received unknown cookie "__utmz"
Received unknown cookie "SSESSee3cc9c70bedf9a840203765bf409d7b"
Received unknown cookie "SESSee3cc9c70bedf9a840203765bf409d7b"
Received unknown cookie "MidasWikiUserID"
Received unknown cookie "MidasWikiUserName"
Received unknown cookie "MidasWiki_session"
K.O. |
|
67916
|
Wed May 20 01:49:37 2015 |
| Konstantin Olchanski | olchansk@triumf.ca | Bug report | Linux | 3.1.0 | elconv deletes everything |
Converting from elog 2.9.something to new elog 3.1.0 elogd refuses to start, instructs running elconv in one logbook.
When I do so, elconv converts a existing mhttpd-style elog entries to the new format (the corresponding new-format entries already exist)
and deletes everything else - this is very bad.
So there are 2 bugs:
- elogd should not tell us to run elconv when both old-style and corresponding new-style elog entries exist
- elconv should not delete all existing new-style elog entries.
I confirm that elconv *does* delete all new-style elog entries - with strace, I see it issue "unlink" on every elog entry.
What a disaster!
K.O. |
|
67917
|
Wed May 20 01:52:23 2015 |
| Konstantin Olchanski | olchansk@triumf.ca | Bug report | Other | this one | this elog errors sending email |
this elog gives errors sending mail through PSI email server. (did not capture the error messages, sorry). K.O. |
|
67918
|
Wed May 20 01:54:55 2015 |
| Konstantin Olchanski | olchansk@triumf.ca | Bug report | Other | this one | edit somebody else's draft |
this elog offers me to edit a draft message, then yells at me "only some other user can edit this draft!!!".
methinks I should only be offered to edit draft messages that I own or I can edit. K.O. |
|
67919
|
Wed May 20 01:59:17 2015 |
| Konstantin Olchanski | olchansk@triumf.ca | Bug report | Linux | 3.1.0 | elogd moves elog entries |
elogd 3.1.0 moves all elog entries into year-named subdirectories. this feature makes it incompatible with older elogs and so should be clearly mentioned in the documentation,
in the release announcement and in the release and migration notes. K.O. |
|
67947
|
Thu Jun 4 00:08:56 2015 |
| Stephen G | swgallman@bpa.gov | Question | Windows | 3.1 | LDAP docs |
Could someone point me to the LDAP configuration docs, I searched to no avail. I'm sure there is some big red ldap config button it, but I just can't find it. |
|
67948
|
Thu Jun 4 00:10:32 2015 |
| Stephen G | s@g.com | Question | Windows | 3.1 | Duplicate: LDAP docs |
This is a duplicate, made by mistake.
Could someone point me to the LDAP configuration docs, I searched to no avail. I'm sure there is some big red ldap config button it, but I just can't find it. |