Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Add the capability (disabled by default) to accept REMOTE_USER as an authenticated user. Ticket [49929a3557a] |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
a5a1ff1b4b5a1ae0f69d86feead0d755 |
| User & Date: | drh 2010-03-29 00:07:38.000 |
Context
|
2010-03-30
| ||
| 01:22 | The sync, clone, push, and pull commands process 302 redirects. ... (check-in: 84439e9dc7 user: drh tags: trunk) | |
|
2010-03-29
| ||
| 00:07 | Add the capability (disabled by default) to accept REMOTE_USER as an authenticated user. Ticket [49929a3557a] ... (check-in: a5a1ff1b4b user: drh tags: trunk) | |
|
2010-03-28
| ||
| 23:20 | In the graph algorithm, try to put branches on rails as close as possible to their parent. ... (check-in: 42bbfe9d64 user: drh tags: trunk) | |
Changes
Changes to src/login.c.
| ︙ | ︙ | |||
395 396 397 398 399 400 401 402 403 404 405 406 407 408 |
" AND %Q=%Q",
rTime, &zCookie[i], blob_buffer(&b)
);
blob_reset(&b);
}
sqlite3_snprintf(sizeof(g.zCsrfToken), g.zCsrfToken, "%.10s", zCookie);
}
/* If no user found yet, try to log in as "nobody" */
if( uid==0 ){
uid = db_int(0, "SELECT uid FROM user WHERE login='nobody'");
if( uid==0 ){
/* If there is no user "nobody", then make one up - with no privileges */
uid = -1;
| > > > > > > > > > > > | 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 |
" AND %Q=%Q",
rTime, &zCookie[i], blob_buffer(&b)
);
blob_reset(&b);
}
sqlite3_snprintf(sizeof(g.zCsrfToken), g.zCsrfToken, "%.10s", zCookie);
}
/* If no user found and the REMOTE_USER environment variable is set,
** the accept the value of REMOTE_USER as the user.
*/
if( uid==0 ){
const char *zRemoteUser = P("REMOTE_USER");
if( zRemoteUser && db_get_boolean("remote_user_ok",0) ){
uid = db_int(0, "SELECT uid FROM user WHERE login=%Q"
" AND length(cap)>0 AND length(pw)>0", zRemoteUser);
}
}
/* If no user found yet, try to log in as "nobody" */
if( uid==0 ){
uid = db_int(0, "SELECT uid FROM user WHERE login='nobody'");
if( uid==0 ){
/* If there is no user "nobody", then make one up - with no privileges */
uid = -1;
|
| ︙ | ︙ |
Changes to src/setup.c.
| ︙ | ︙ | |||
736 737 738 739 740 741 742 | @ web access coming from 127.0.0.1. When disabled, web access @ from 127.0.0.1 is allows without any login - the user id is selected @ from the ~/.fossil database. Password login is always required @ for incoming web connections on internet addresses other than @ 127.0.0.1.</p></li> @ <hr> | | | | | | < | > > > > > > > > > | 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 |
@ web access coming from 127.0.0.1. When disabled, web access
@ from 127.0.0.1 is allows without any login - the user id is selected
@ from the ~/.fossil database. Password login is always required
@ for incoming web connections on internet addresses other than
@ 127.0.0.1.</p></li>
@ <hr>
onoff_attribute("Allow REMOTE_USER authentication",
"remote_user_ok", "remote_user_ok", 0);
@ <p>When enabled, if the REMOTE_USER environment variable is set to the
@ login name of a valid user and no other login credentials are available,
@ then the REMOTE_USER is accepted as an authenticated user.
@ </p></li>
@ <hr>
entry_attribute("Login expiration time", 6, "cookie-expire", "cex", "8766");
@ <p>The number of hours for which a login is valid. This must be a
@ positive number. The default is 8760 hours which is approximately equal
@ to a year.</p>
@ <hr>
entry_attribute("Download packet limit", 10, "max-download", "mxdwn",
"5000000");
@ <p>Fossil tries to limit out-bound sync, clone, and pull packets
@ to this many bytes, uncompressed. If the client requires more data
@ than this, then the client will issue multiple HTTP requests.
@ Values below 1 million are not recommended. 5 million is a
@ reasonable number.</p>
@ <hr>
onoff_attribute("Show javascript button to fill in CAPTCHA",
"auto-captcha", "autocaptcha", 0);
@ <p>When enabled, a button appears on the login screen for user
@ "anonymous" that will automatically fill in the CAPTCHA password.
@ This is less secure that forcing the user to do it manually, but is
@ probably secure enough and it is certainly more convenient for
@ anonymous users.</p>
@ <hr>
@ <p><input type="submit" name="submit" value="Apply Changes"></p>
@ </form>
db_end_transaction(0);
style_footer();
}
|
| ︙ | ︙ |