---
server/base_server/global_variables.pike | 10 ++++++++++
server/base_server/roxen.pike | 5 +++++
2 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/server/base_server/global_variables.pike
b/server/base_server/global_variables.pike
index 9ca7bdb..b14b1ab 100644
--- a/server/base_server/global_variables.pike
+++ b/server/base_server/global_variables.pike
@@ -549,6 +549,16 @@ The start script attempts to fix this for the standard
file locations.</p>"));
"for CGI, and also 'access files as user' in the filesystems, but "
"it gives better security."));
+ defvar("authenticated_image_cache", 1,
+ LOCALE(0, "Authenticated image cache"),
+ TYPE_FLAG|VAR_MORE,
+ LOCALE(0, "If this variable is set, Roxen will require the same "
+ "authentication on the cached image as was required for the "
+ "original image (e.g. used by tags as gxml and cimg). "
+ "In systems where subtrees use authentication, "
+ "disabling this might be required to prevent annoying "
+ "authentication prompts."));
+
defvar("ModuleDirs", roxenloader.default_roxen_module_path,
LOCALE(132, "Module directories"),
TYPE_DIR_LIST,
diff --git a/server/base_server/roxen.pike b/server/base_server/roxen.pike
index dfb555d..5c21b57 100644
--- a/server/base_server/roxen.pike
+++ b/server/base_server/roxen.pike
@@ -4058,9 +4058,14 @@ class ImageCache
#endif
if( id->misc->authenticated_user &&
!id->misc->authenticated_user->is_transient )
+ {
// This entry is not actually used, it's only there to
// generate a unique key.
a["\0u"] = user = id->misc->authenticated_user->name();
+ if( !query("authenticated_image_cache") )
+ user = UNDEFINED;
+ }
+
};
if( mappingp( data ) )
