ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
67883
|
Wed May 6 12:31:04 2015 |
| Christof Hanke | hanke@rzg.mpg.de | Comment | All | 3.1.0 | Documentation of the webserver authentication | Hi Stefan,
here is a draft of how you could describe the webserver authentication in your docs.
T/Christof |
Attachment 1: webserver_auth_doc.patch
|
diff --git a/doc/adminguide.html b/doc/adminguide.html
index da25388..0568ae3 100755
--- a/doc/adminguide.html
+++ b/doc/adminguide.html
@@ -243,6 +243,37 @@ URL = http://your.proxy.host/subdir/
into elogd.cfg.<p>
+<h3><hr><i>Using apache authentication:</i></h3>
+It is also possible to login via an apache-auth module.
+In elogd.cfg you should use the keyword "Webserver" for Authentication:
+
+<ul><pre>
+Authentication = Webserver
+</pre></ul>
+This triggers elogd to use the environment variable "X-Forwarded-User" as the logged in user.
+A simple example of a apache configuration (including the proxy) is :
+<ul><pre>
+# this required to pass on the generated env-variable X-Forwarded-User to the proxy
+ProxyPassInterpolateEnv On
+
+ProxyPass /elog/ http://your.host.domain:8080/
+
+<Location "/elog">
+ Order allow,deny
+ Allow from all
+ AuthType Basic
+ AuthName "elog-server"
+ AuthUserFile "/opt/elog/htpasswd"
+ require valid-user
+ RequestHeader unset Authorization
+ RequestHeader add X-Forwarded-User %{REMOTE_USER}s
+ # elog doesn't like the '@', so we need to cut it
+ RequestHeader edit X-Forwarded-User "@(.*)$" ""
+</Location>
+</pre></ul>
+
+
+
<hr><a name="imagemagick"> <div class=section> Installing ImageMagick </div> <p>
When images are attached to ELOG entries, thumbnails can be created for quick preview.
This works also for PDF and PostScript files. ELOG forwards any image operation
diff --git a/doc/config.html b/doc/config.html
index 9848f58..9e98855 100755
--- a/doc/config.html
+++ b/doc/config.html
@@ -2207,6 +2207,22 @@ Options Location = Main Building{a}, New Building{b}, Old Building{c}
you have to change your password by other means (such as via the Windows
login if you use a Windows Domain).
</p>
+ <p>
+ Beside the Kerberos authentication, elogd version 3.0 and higher can be configured to accept a authentication done
+ by the webserver.
+ <ul>
+ <li>
+ <b><code>Authentication = Webserver</code></b>
+ </li>
+ </ul>
+ </p>
+ <p>
+ You can also combine it with other authentication methods as shown for Kerberos.
+ </p>
+ <p>
+ Elogd is then accepting the username set in the Request-Header "X-Forwarded-User" as already logged in.<br/>
+ To make this work, you need to configure the webserver correctly, as describe in the adminguide.
+ </p>
<p>
<a name="email" id="email"></a>
|
67882
|
Wed May 6 11:00:14 2015 |
| Christof Hanke | hanke@rzg.mpg.de | Request | All | 3.1.0 | logout to external page | Hi Stefan,
I am happy to see that you include the webserver authentication.
So I can now login at some other page and then access elog.
However, I would also need some means of logging out some where else.
For this I propose a new Configuration option "Logout to page" which redirects to another page if set and "Logout to main" is 0.
See the attached patch (against git HEAD)
Does this make sense to you ?
Christof
PS: Many thanks for the autosave mode, I already used it ;-)
|
Attachment 1: logout_to_page.patch
|
diff --git a/src/elogd.c b/src/elogd.c
index 601639c..0f976be 100755
--- a/src/elogd.c
+++ b/src/elogd.c
@@ -27975,6 +27975,11 @@ void interprete(char *lbook, char *path)
if (getcfg(lbs->name, "Logout to main", str, sizeof(str)) && atoi(str) == 1) {
sprintf(str, "../");
setparam("redir", str);
+ } else {
+ getcfg(lbs->name, "Logout to page", str, sizeof(str));
+ if (str[0]) {
+ setparam("redir", str);
+ }
}
set_sid_cookie(lbs, "", "");
sid_remove(getparam("sid"));
|
67881
|
Tue May 5 12:17:24 2015 |
| Andreas Luedeke | andreas.luedeke@psi.ch | Bug report | Linux | 3.1.0 | Re: Problem with autosave functionality when combined with no 'edit' button | Oups, now I feel almost a little bit sorry for asking But thank you anyway!!!
You should see it that way: there are millions of possible applications for a smart electronic logbook like ELOG, and most possible combinations of flags and options will make sense for some of them
Stefan Ritt wrote: |
Arghhhh! Guess how many people asked me for the autosave feature! I worked really hard on it (including an airplane flight to Japan!), not the next guy comes "can we disable that feature?".
I agree that this feature has many side effects, and I have to adress one by one, but in the end the community will benefit. Think of starting a draft at one computer, and finishing at another one. Lazarus won't help you there.
Nevertheless , I added a "Save drafts" which you can set to zero. But I would rather prefer if people tell me their problems, and I fix them, instead of siletnly just disabling this feature and keeping the bugs there unresolved.
Andreas Luedeke wrote: |
By the way Stefan: is there a way to disable the whole draft message feature?
If people are used to e.g. the lazarus addon for firefox, they might prefer their browser to keep their drafts confidential, instead of suffering from accidental premature draft postings ;-)
|
|
|
67880
|
Tue May 5 12:09:53 2015 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 3.1.0 | Re: Problem with autosave functionality when combined with no 'edit' button | Arghhhh! Guess how many people asked me for the autosave feature! I worked really hard on it (including an airplane flight to Japan!), not the next guy comes "can we disable that feature?".
I agree that this feature has many side effects, and I have to adress one by one, but in the end the community will benefit. Think of starting a draft at one computer, and finishing at another one. Lazarus won't help you there.
Nevertheless , I added a "Save drafts" which you can set to zero. But I would rather prefer if people tell me their problems, and I fix them, instead of siletnly just disabling this feature and keeping the bugs there unresolved.
Andreas Luedeke wrote: |
By the way Stefan: is there a way to disable the whole draft message feature?
If people are used to e.g. the lazarus addon for firefox, they might prefer their browser to keep their drafts confidential, instead of suffering from accidental premature draft postings ;-)
|
|
67879
|
Tue May 5 12:05:47 2015 |
| Stefan Ritt | stefan.ritt@psi.ch | Bug report | Linux | 3.1.0 | Re: Problem with autosave functionality when combined with no 'edit' button | I changed the code such that editing of draft messages is always possible, even if the "edit" command is not allowed otherwise. Update is in GIT. Please check if that works at ND280.
Thomas Lindner wrote: |
We recently tried upgrading the ND280 elog instance to elog 3.1.0. [1] We seem to have some problems with this 'auto-save' functionality. Specifically, it doesn't seem to play nice with the fact that we prefer to disable user's ability to edit old messages. So we have (up to now), had the following set of commands specified in elogd.ccfg
Menu commands = List, New, Reply, Delete, Duplicate, Copy to, Move to, Find, Help
The problem is that we now get auto-saved messages, but no ability for the user to actually go back and finish the draft message. You can see an example of this state in this test elog
http://neut17.triumf.ca:8080/demo/
Clicking on the draft message you can see that it can't be editted. If you try to click 'new' then edit the draft, you get the message 'Error: Command "Edit" not allowed'. So we had zombie draft messages, until we added the edit command back; but that defeats our preference that users not mess up old messages.
In general this auto-saving seems like a useful feature. So the ideal solution for me would be to have some mode where users could edit/finish draft messages, but where we could still disable users from editting completed/finished messages. Ie, where we can omit 'Edit' from the menu command, but still get auto-save.
A less ideal, but perhaps simpler solution would be that if an elog has omitted 'Edit' from the menu commands, then this auto-save/save functionality is disabled so that we don't get uneditable draft messages.
[1] https://midas.psi.ch/elogs/Forum/67855
|
|
67878
|
Tue May 5 11:01:36 2015 |
| Andreas Luedeke | andreas.luedeke@psi.ch | Bug report | Linux | 3.1.0 | Re: Problem with autosave functionality when combined with no 'edit' button | Hi Thomas,
just my two cent: as a quick workaround (for now) you could restrict editing messages to a short time range, like 30 minutes. That would cover most cases of draft messages.
Restrict edit time = 0.5
But I agree that it probably makes no sense to limit the editing of draft messages: Stefan will probably fix this soon.
By the way Stefan: is there a way to disable the whole draft message feature?
If people are used to e.g. the lazarus addon for firefox, they might prefer their browser to keep their drafts confidential, instead of suffering from accidental premature draft postings ;-)
Thomas Lindner wrote: |
We recently tried upgrading the ND280 elog instance to elog 3.1.0. [1] We seem to have some problems with this 'auto-save' functionality. Specifically, it doesn't seem to play nice with the fact that we prefer to disable user's ability to edit old messages. So we have (up to now), had the following set of commands specified in elogd.ccfg
Menu commands = List, New, Reply, Delete, Duplicate, Copy to, Move to, Find, Help
The problem is that we now get auto-saved messages, but no ability for the user to actually go back and finish the draft message. You can see an example of this state in this test elog
http://neut17.triumf.ca:8080/demo/
Clicking on the draft message you can see that it can't be editted. If you try to click 'new' then edit the draft, you get the message 'Error: Command "Edit" not allowed'. So we had zombie draft messages, until we added the edit command back; but that defeats our preference that users not mess up old messages.
In general this auto-saving seems like a useful feature. So the ideal solution for me would be to have some mode where users could edit/finish draft messages, but where we could still disable users from editting completed/finished messages. Ie, where we can omit 'Edit' from the menu command, but still get auto-save.
A less ideal, but perhaps simpler solution would be that if an elog has omitted 'Edit' from the menu commands, then this auto-save/save functionality is disabled so that we don't get uneditable draft messages.
[1] https://midas.psi.ch/elogs/Forum/67855
|
|
67877
|
Tue May 5 10:54:54 2015 |
| Andreas Luedeke | andreas.luedeke@psi.ch | Question | Windows | 3.1.0-3 | Re: Load attribute options from attributes in another logbook | > Hi again,
> Hope I'm not draining to much time from you guys !
>
> here is the scenario (fake one just to understand the logic..):
> My main logbook as a Option attribute Called "Electrician availables"
> My second logbook is a list of workers and there capacities Moptions : "Electrician", "Plumber", "Genius"
>
> So my question is:
>
> Is it possible to load my main logbook attribute "Electrician availables" Options based on all the "Electrician" found under my second logbook ?
>
> Thanks :)
I think that this is neither possible nor reasonable. Of course everything is possible with shell- and java-scripting, but that would be a software
package on top of ELOG.
Keep in mind we are talking about an electronic logbook here, not about a relational database.
Cheers
Andreas |
67876
|
Tue May 5 09:22:23 2015 |
| Andreas Luedeke | andreas.luedeke@psi.ch | Question | Windows | V3.1.0-5be | Re: Subst Attributes... | > Wow !!! Im impressed :):):) I didn't expect such a fast reply !!!
>
> Thanks alot Stefan, I will try it right away !!
>
> Andreas, I really like the idea of hiding attrib 1 and attrib2 and fill attrib3 with a script (I guess using elog.exe command line) ?
> I play a little with it and I can modify an attribute with the command line but I cant figure how to set the cell style based on the attrib2 and
> replace attrib3 value with attrib1 value... (basically I need help !!!) do you think you could help me ?
The downside of a script is, that it needs to execute on the server: you need to have the proper syntax for the shell of your operating system.
Here's a little example for a bash shell script, just to give you an idea (that would be for Linux, I have no experience with Windows):
Allow HTML = 1
Attributes = person, mood, color
Default encoding = 2
Options person = John, Bill, Kate
Options mood = calm, upset
Subst color = $shell(if [ "$mood" == "calm" ] ;then echo "green"; else echo "red";fi)
Change person = <font color="$color">$person</font>
List Change person = <font color="$color">$person</font>
Show Attributes = person, mood
Show Attributes Edit = person, mood
List display = ID, Date, person
Disclaimer: When I've tested it locally the HTML was displayed as source. Stefan, any idea? (ELOG V3.1.0-5be245e) |
|