Re: restrict access, posted by Stefan Ritt on Thu Jun 22 11:38:38 2006
|
> > You get a login page instead of the selection page if the "Password file = " statement is in the [global]
section
> > and "Protect selection page = 1". You might have to delete all cookies in your browser if you move the password
> > file statement between the [global] and the logbook sections, because otherwise the old cookies might
prevent you
> > from logging out.
>
> This is not working for me, in Mozilla Firefox I'm still getting a blank page, where IE is giving me an error
> stating that the page is unavailable
If I use following config file:
[global]
port = 8080
password file = passwd
protect selection page = 1
[demo1]
Attributes = Author, Type, Category, Subject
[demo2]
Attributes = Author, Type, Category, Subject
then I don't get a blank page. An unavailable page you should only get whan you use top groups, and want to
access the root. |
|
Re: restrict access, posted by Gerald Ebberink on Thu Jun 22 12:10:00 2006
|
> > > You get a login page instead of the selection page if the "Password file = " statement is in the [global]
> section
> > > and "Protect selection page = 1". You might have to delete all cookies in your browser if you move the password
> > > file statement between the [global] and the logbook sections, because otherwise the old cookies might
> prevent you
> > > from logging out.
> >
> > This is not working for me, in Mozilla Firefox I'm still getting a blank page, where IE is giving me an error
> > stating that the page is unavailable
>
> If I use following config file:
>
>
> [global]
> port = 8080
> password file = passwd
> protect selection page = 1
>
> [demo1]
> Attributes = Author, Type, Category, Subject
>
> [demo2]
> Attributes = Author, Type, Category, Subject
>
>
> then I don't get a blank page. An unavailable page you should only get whan you use top groups, and want to
> access the root.
I use the folowing file and do get this error (the company names and other sensitive information has been changed to
something simular but not so sensitive)
[global]
logbook tabs = 1
port = 80
Logbook dir = /srv/elog/logbooks/
URL = http://my.domain/
Protect selection page = 1
Password file = /srv/elog/passwords/main.passwd
Self register = 0
Admin user = Gerald
Group World = Procedures, Work
Group Work = Company, Company2
Group Company = twiddle
Group twiddle = Panels, Bond
[Procedures]
Theme = default
Comment = General Procedures for use with
Attributes = Author, Category, Subject
Options Category = Maintenance, Alignment
Required Attributes = Author, Category
Subdir = Some/dir
[Company2]
Theme = default
Comment = Company2 project Page
Attributes = Author, Category, Subject
Options Category = Scheduling, During Progress, During measuring, After
Required Attributes = Author
Subdir = some/dir
[Panels]
Theme = default
Attributes = Author, Category, Subject
Options Category = Scheduling, During Progress, During measuring, After
Required Attributes = Author
Subdir = Some/dir
Expand default = 2
Protect selection page = 1
[bond]
Theme = default
Attributes = Author, Category, Subject
Options Category = Scheduling, During Progress, During measuring, After
Required Attributes = Author
Subdir = some/dir |
Re: restrict access, posted by Stefan Ritt on Fri Jun 23 12:29:30 2006 
|
Even with your config file (I just changed the URL) I get the correct behaviour:
and after I supply my credentials:
My full elogd.cfg is attached for your reference.
I'm pretty sure that you did not delete your old cookies. Try from another computer. Make sure to have the most recent version of elog. Start the elogd daemon with the "-v" flag and watch the communication. I get for example:
GET / HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.4) Gecko/20
060508 Firefox/1.5.0.4
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plai
n;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: urem=1
==== Return ================================
....
As you can see, only the "urem" cookie is present. After I logged in, I get:
Cookie: urem=1; unm=stefan; upwd=Z2suZgFszgg==
These cookies identify you as logged in, so the login screen does not appear any more. |
|
Re: restrict access, posted by Gerald Ebberink on Fri Jun 23 13:16:57 2006
|
My full elogd.cfg is attached for your reference.
I'm pretty sure that you did not delete your old cookies. Try from another computer. Make sure to have the most recent version of elog. Start the elogd daemon with the "-v" flag and watch the communication. I get for example:
Well actualy these old cookies don't exist, but I found an error in the verbose mode.
GET / HTTP/1.1
Host: hostname
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.4) Gecko/20060608 Ubuntu/dapper-security Firefox/1.5.0.4
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: urem=0
Remote host "hostname" matches "ALL" in "Hosts deny". Access denied.
Remote host "hostname" matches "hostname" in "Hosts allow". Access granted.
Internal error, no valid header!
As you can see, I have implemented a temporary fix in the way of allowing only certain hosts access.
But where does this Internal error come from.
I use the standard packaged version of elog (V2.6.1) from the Ubuntu repositories. |
|
Re: restrict access, posted by Stefan Ritt on Fri Jun 23 13:43:03 2006
|
| Gerald Ebberink wrote: | | As you can see, I have implemented a temporary fix in the way of allowing only certain hosts access. But where does this Internal error come from. |
I only can identify this error if you send me your current ("de-sensified") elogd.cfg. |
|
Re: restrict access, posted by Gerald Ebberink on Fri Jun 23 14:57:02 2006
|
| I only can identify this error if you send me your current ("de-sensified") elogd.cfg. |
Here you are.. |