User-Authentification just by some ENV-Variables

[uherbst]

Apache set some ENV-Variables (REMOTE_USER), if user are authorized (by .htaccess and similar).

Could knowlegderoot just accept these users as authorized without additional login ?

Uli

[admin]

Hi,

it is not possible out of the box. But i think it could be implemented.

regards,
Frank

[uherbst]

Could i ask you to implement this ? Or maybe you can give me a hint where to look for in the source ?

Uli

[admin]

Hi,

i will check this(hope tody) and will let you know what we do

regards,
Frank

[admin]

Hi,

i have checked the stuff now.

It should be possible to use an htaccess authentification with knowledgeroot!

I could write a small extension for this. But we need to clear some things.

1. Did you also have the ENV Vars PHP_AUTH_USER and PHP_AUTH_PW?
2. Should the users exists in knowledgeroot?
3. Should a normal login also work?

regards,
Frank

[uherbst]

1. No, we haven't PHP_AUTH_USER and PHP_AUTH_PW. We have just (as CGI standard) REMOTE_USER. And if REMOTE_USER is set, we know, that this user is authenticated by Apache (or by webseal in my case)
2. Yes. If the user set by REMOTE_USER doesn't exist in knowledgeroot, he is just allowed to see guest pages (or something similiar) or maybe nothing. New users will be administrated manually.
3. No. If this new feature is enabled, no normal login should work.

Uli

[admin]

Hi,

i have test this with a php cgi installation.
Now, i have only the server var REDIRECT_REMOTE_USER not REMOTE_USER itself. But i think this is not a problem. That could be configured in the extension itself later.

The login/logout will be disabled with the extension.

So, if the user is not found in knowledgeroot it will be a guest.
If the user exists it will use the rights and all the stuff you have configured from knowledgeroot.

Is that the way we go?

I could/would create a extension to get this working.

regards,
Frank