> -----Original Message-----
> From: Evgeny Morozov [mailto:[email protected]]
> Sent: 29 April 2010 18:35
> To: [email protected]
> Subject: [Cosign-discuss] CosignAllowPublicAccess problem
>
> Hi.
>
> It seems that allowpublicaccess directive doesn't work correctly.
>
> I have phpBB forum installed and cosign-protected. Then I've
> created aaa.php script and in my apache conf I wrote:
>
> <Location "/aaa.php">
> AllowPublicAccess On
> </Location>
>
> I can access this script without signing into cosign.
>
> Then I login into cosign, visit my phpbb protected index page
> and after that I visit my aaa.php. There is no "REMOTE_USER"
> variable set.
>
> So, AllowPublicAccess works like turning CosignProtect off.
>
> --
> Regards,
> Evgeny Morozov
>
Hi Evgeny,
In order to gain the information about a logged in Cosign user for an area that
is defined as "AllowPublicAccess On" it is necessary to first direct the user
to an
area within the same Cosign service that does now allow public access.
Following the successful login of the user into Cosign if the user requests a
page in the public area the remote user variable will be set
For example:
Apache Config
<Location "/aaa.php">
AllowPublicAccess On
</Location>
<Location "/private.php">
AllowPublicAccess Off
</Location>
1) User requests https://www.example.com/aaa.php - REMOTE_USER not set
2) User requests https://www.example.com/private.php - REMOTE_USER set
3) User requests https://www.example.com/aaa.php - REMOTE_USER set
Hope this answers your question.
Peter Jackson
Systems Administrator
Information Services, Applications Division
University of Edinburgh
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
------------------------------------------------------------------------------
_______________________________________________
Cosign-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/cosign-discuss
