Item9593: Realm settings between Foswiki.spec and httpd_conf and htaccess don't match.

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Urgent Closed Engine    
which is needlessly confusing, considering that digest auth is way more secure than basic auth.

I'm going to change them so they match, and as they need to be a static string, means that we can't use it for 'help' in the template login dialog.

mark as urgent for visibility.

-- SvenDowideit - 31 Aug 2010

thankfully we've not used the setting for that in a long time.

UPGRADERS make sure you don't change your realm from what you have in your existing setup.

-- SvenDowideit - 31 Aug 2010

next up, write a configure checker that makes sure the realm does not contain a : (colon) as that will break the password file fomar when using digest (aka md5) encoding.... as the pwd file uses an :..

maybe also highlight this in the htpasswd.pm module

if there is a way to detect the realm that apache is using, that would help alot.

-- SvenDowideit - 31 Aug 2010

Is this still a release blocker for 1.0.10???

-- KennethLavrsen - 06 Sep 2010

no, I've had to give up on writing a configure checker

mind you, we still could use Foswiki::Net to do an authed request to find out what the realm is, and then check or set it..

Kenneth, why do you keep asking about 1.0.10 ? needless to say - I have done work on this on both 1.0.10 and 1.1.0 - so I'm changing it back to fixed in 1.0.10.

-- SvenDowideit - 07 Sep 2010
 

ItemTemplate edit

Summary Realm settings between Foswiki.spec and httpd_conf and htaccess don't match.
ReportedBy SvenDowideit
Codebase 1.0.9, trunk
SVN Range
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins Foswikirev:8823 Foswikirev:8824 Foswikirev:8831 Foswikirev:8832 Foswikirev:8833 Foswikirev:8834 Foswikirev:8835
TargetRelease patch
ReleasedIn 1.0.10
Topic revision: r12 - 08 Sep 2010, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License