Problem solved.
It seems that the Shibboleth module can cause problems with Apache
authentication/authorization,
even with AuthType Basic. The fix is to disable mod_shib_24, or to set
ShibCompatValidUser On.
I disabled the shib module, which fixed our problem.
So, not an issue with webauth at a
Hi Kai,
We are all now moving our sites (in the school of medicine) from webauth to
Shib and you can do 'lazy shib' which will give you the logged in user if
present but will not force a login event. Would this work for you?
-Andy
—
Andrew Martin, PhD
Stanford University School of Medicine
O
Russ Allbery writes:
> Unfortunately, this part of the code has problems on Apache 2.2, I
> think. Since Apache 2.2 doesn't have the post_perdir_config hook, you
> used the access_checker hook instead. However, Apache 2.2 requires that
> all access_checker hook functions return OK in the Satisf
Benjamin Coddington writes:
> Great! I partially implemented this approach by using
> ap_hook_check_access_ex to skip the check_user_id checks altogether if
> we're in the WebAuthOptional case.
Sorry about the delay in looking at this.
This is a rather ingenious solution. I hadn't thought abo
On Sep 23, 2013, at 2:56 PM, Russ Allbery wrote:
> Unfortunately, I got seriously distracted doing other things, and haven't
> been able to get back to this. We're not deploying Apache 2.4 yet, so
> it's not been a priority. I'd therefore be very happy for you to work on
> it.
Great! I partial
Benjamin Coddington writes:
> Russ Allbery wrote:
>> I think I'm convinced, although I do want to note that I don't have an
>> alternative solution yet, just a method that I think will work. The
>> plan is to store enough information in per-request data to construct
>> the environment variables
On Jun 16, 2013, at 3:05 AM, Russ Allbery wrote:
> Benjamin Coddington writes:
>
>> I feel the same as Gary that 'require webauth' w/o the interim r->user
>> being empty is preferable. We don't yet have any Apache 2.4 using
>> WebAuth yet, but in the next year or two many our sites will move
Benjamin Coddington writes:
> I feel the same as Gary that 'require webauth' w/o the interim r->user
> being empty is preferable. We don't yet have any Apache 2.4 using
> WebAuth yet, but in the next year or two many our sites will move onto
> 2.4. You might say that it's already broken in 2.4
On Jun 4, 2013, at 12:58 AM, Russ Allbery wrote:
> Gary Buhrmaster writes:
>> Russ Allbery wrote:
>>
>
>>> I'm not yet sure when all this will happen, since I'm actually supposed
>>> to be working on other projects now. :) But I wanted to mention all
>>> of this to let people know about
Gary Buhrmaster writes:
> Russ Allbery wrote:
>
>> I'm not yet sure when all this will happen, since I'm actually supposed
>> to be working on other projects now. :) But I wanted to mention all
>> of this to let people know about the current situation, and also to see
>> if people have an
On Tue, Jun 4, 2013 at 1:46 AM, Russ Allbery
wrote:
> I'm not yet sure when all this will happen, since I'm actually supposed to
> be working on other projects now. :) But I wanted to mention all of this
> to let people know about the current situation, and also to see if people
> have any
11 matches
Mail list logo
