30.04.2010 15:51, JACKSON Peter пишет: >> Hi Evgeny, >> >> In order to gain the information about a logged in Cosign user for an area >> that is defined as "AllowPublicAccess On" it is necessary to first direct >> the user to an >> area within the same Cosign service that does now allow public access. >> Following the successful login of the user into Cosign if the user requests >> a page in the public area the remote user variable will be set >> >> For example: >> >> Apache Config >> >> <Location "/aaa.php"> >> AllowPublicAccess On >> </Location> >> >> <Location "/private.php"> >> AllowPublicAccess Off >> </Location> >> >> 1) User requests https://www.example.com/aaa.php - REMOTE_USER not set >> 2) User requests https://www.example.com/private.php - REMOTE_USER set >> 3) User requests https://www.example.com/aaa.php - REMOTE_USER set >> >> Hope this answers your question. >> >> Peter Jackson >> Systems Administrator >> Information Services, Applications Division >> University of Edinburgh >> I think I misunderstanding something. Here is my config:
<Directory "/var/www/phpbb/htdocs"> Options Indexes FollowSymLinks AllowOverride none Order Allow,Deny Allow from all CosignProtected On CosignService phpbb </Directory> <Location /public.php> CosignAllowPublicAccess On </Location> <Location /private.php> CosignAllowPublicAccess Off </Location> I can access "private.php" even I'm not logged in into cosign (but index.php for example redirects me to cosign login page). And $_SERVER[REMOTE_USER] is not set for both "public.php" and "private.php". -- Regards, Evgeny Morozov ------------------------------------------------------------------------------ _______________________________________________ Cosign-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/cosign-discuss
