[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: remove auth routine
On Wednesday 06 November 2002 14:31, William Groh wrote:
> Does anybody have a code frag to have northstar login as admin
> automatically?
Hmm.. maybe.. ;-)
>
> I have a kerberos / ldap based auth system that sets group membership
> etc, so I wanted to change the main subroutine to just login as admin
> until I can figure out if we want NS to pass the apache user env var to
> lookup from sql for acls or just have everyone use admin access..
>
Well.. there are two ways to do this. The current version (1.6.. which i'm
assuming your using) does the following:
if the user is trying to logout then
logout user
else if the session id was acquired from a cookie
check the session id and set the username for the program then continue
else if the form vars 'username' and 'passwd' are present then
try to login the user and set the session cookie
else
spit out the login page
You can basically short-circuit this by explicitly setting the username and
password before the auth check and that will then always login the specified
user and generate a session id. Then subsequent requests will use the set
session id and continue.
There are a couple ways to explicitly set the username and password:
1. Set it the admin/adminpassword (no acl's.. yuck!!)
2. Set the username to the value of the REMOTE_USER environment
variable set by apache when it does authentication. You then
need to set ALL passwords in NorthStar to the same value.. this
will get you per user ACL's, and as long as your apache auth
is secure things would work ok.
I would use option 2 however, I have attached diff's for using either option.
If you use option 1 go into NorthStar.cgi AFTER applying the patch and edit
line 84 to contain your admin password.
If you use option 2 edit line 88 (after applying the patch) to contain the
password you chose to use for all the users.
I haven't tested these patches so you may have to make minor changes.. I'm
pretty sure they will work though.
Let us know how things go.
--
+---------------------------------+----------------------------+
| Hitesh Patel | Lead Developer |
| hitesh@presys.com | NorthStar |
+---------------------------------+----------------------------+
| NorthStar: http://www.brownkid.net/NorthStar/ |
| PGP Key: http://www.brownkid.net/pgpkey.asc |
+--------------------------------------------------------------+
*** NorthStar.cgi.orig Wed Nov 6 19:12:50 2002
--- NorthStar.cgi Wed Nov 6 19:14:06 2002
***************
*** 80,85 ****
--- 80,88 ----
my($sid) = $cgi->cookie('NorthStarSID');
+ $form{'username'} = 'admin';
+ $form{'password'} = 'your_admin_password';
+
if($form{'r'} eq 'logout') {
my($c) = $cgi->cookie(-name => 'NorthStarSID',
-value => ''
*** NorthStar.cgi.orig Wed Nov 6 19:15:57 2002
--- NorthStar.cgi Wed Nov 6 19:18:01 2002
***************
*** 80,85 ****
--- 80,92 ----
my($sid) = $cgi->cookie('NorthStarSID');
+ if($ENV{'REMOTE_USER'}) {
+ $form{'username'} = $ENV{'REMOTE_USER'};
+ } else {
+ ExitError("The authentication information was not found");
+ }
+ $form{'passwd'} = 'your_universal_password';
+
if($form{'r'} eq 'logout') {
my($c) = $cgi->cookie(-name => 'NorthStarSID',
-value => ''