From: Martin Knoblauch <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED]To: Ramon Bastiaans <[EMAIL PROTECTED]>,Ganglia Developers <ganglia-developers@lists.sourceforge.net>Subject: Re: [Ganglia-developers] [patch] private cluster authenticate fix Date: Sat, 10 Sep 2005 10:45:49 -0700 (PDT) Hi, comments on the patch? My php is not good enough to evaluate the change, but I am inclined to commit it if I get one or more ACKs. Cheers Martin --- Ramon Bastiaans <[EMAIL PROTECTED]> wrote: > Hi guys, > > I noticed that HTTP authentication was not working in auth.php. Since > > php4 the variables changed for this to work. > I created a little patch that will make it work again. > > Kind regards, > - Ramon. > > -- > .--------------------------------------------. > | ing. Ramon Bastiaans | > | HPC - Systems Programmer | > |--------------------------------------------| > | SARA - Computing and Networking Services | > | Kruislaan 415 PO Box 194613 | > | 1098 SJ Amsterdam 1090 GP Amsterdam | > |--------------------------------------------| > | Mail: bastiaans ( a t ) sara ( d o t ) nl | > | Web: http://www.sara.nl/ | > | Phone: +31 (0)20 592 80 19 | > | Fax: +31 (0)20 668 31 67 | > `--------------------------------------------' > > > --- ganglia-3.0.1/web/auth.php 2005-02-02 19:24:14.000000000 +0100 > +++ ./auth.php 2005-08-30 10:07:47.182962576 +0200 > @@ -43,19 +43,20 @@ > > #------------------------------------------------------------------------------- > function checkprivate() > { > - global $clustername, $context, $PHP_AUTH_PW; > + global $clustername, $context; > + > # Allow the Meta context page. > if ($context=="meta") { return; } > > $private=embarrassed(); > if ($private[$clustername]) { > #echo "The password for $clustername is > $private[$clustername]<br>"; > - if (empty($PHP_AUTH_PW)) { > + if (empty($_SERVER['PHP_AUTH_PW'])) { > authenticate(); > } > else { > # Check password (in md5 format). Username does not matter. > - if (md5($PHP_AUTH_PW) != $private[$clustername]) { > + if (md5($_SERVER['PHP_AUTH_PW']) != $private[$clustername]) { > authenticate(); > } > } > @@ -68,17 +69,17 @@ > # The control room is always embarrassed. > function checkcontrol() > { > - global $context, $PHP_AUTH_PW; > + global $context; > > if ($context != "control") { return; } > > - if (empty($PHP_AUTH_PW)) { > + if (empty($_SERVER['PHP_AUTH_PW'])) { > authenticate(); > } > else { > #echo "You entered password ". md5($PHP_AUTH_PW) ." > ($PHP_AUTH_PW)<br>"; > $private=embarrassed(); > - if (md5($PHP_AUTH_PW) != $private["controlroom"]) { > + if (md5($_SERVER['PHP_AUTH_PW']) != $private["controlroom"]) { > authenticate(); > } > } > ------------------------------------------------------ Martin Knoblauch email: k n o b i AT knobisoft DOT de www: http://www.knobisoft.de ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Ganglia-developers mailing list Ganglia-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ganglia-developers
Looks like a simple enough change to take the Apache basic authentication
password from PHP built-in global array, _SERVER.
I am assuming using $PHP_AUTH_PW in global context requires
"register_globals" option turned on, which is highly deprecated...
- [Ganglia-developers] [patch] private cluster authenticate... Ramon Bastiaans
- Re: [Ganglia-developers] [patch] private cluster aut... Martin Knoblauch
- Re: [Ganglia-developers] [patch] private cluster... michael chang
- Re: [Ganglia-developers] [patch] private clu... Ramon Bastiaans
- Re: [Ganglia-developers] [patch] private... Martin Knoblauch
- Re: [Ganglia-developers] [patch] private cluster... Jeong Bae Kim
- Re: [Ganglia-developers] [patch] private clu... michael chang
- Re: [Ganglia-developers] [patch] private... Brooks Davis
- Re: [Ganglia-developers] [patch] pr... michael chang
- Re: [Ganglia-developers] [patch... Martin Knoblauch
- RE: [Ganglia-developers] [patch] private cluster aut... Bernard Li
- [Ganglia-developers] 3.0.2 release (was: [patch]... michael chang
- RE: [Ganglia-developers] [patch] private cluster aut... Bernard Li
- RE: [Ganglia-developers] [patch] private cluster... Martin Knoblauch