On Fri, 18 Dec 2009 20:11:35 +0100 "Imposit.com - Webmaster" <webmas...@imposit.com> wrote:
> This "Manager" is at the Moment the only Way to do this. > Because we use Apache Authentication it is not possible to make an Loggout > Link. > It would be possible to do that BUT it is very fragile and I would say that coding some thing like that to be rock solid is going to take us some time. The basic steps behind doing that are simple. It is just a bunch of HTTP headers that needs to be send out to the browser: WWW-Authenticate: Basic realm="DSPAM Web UI" HTTP/1.0 401 Unauthorized The problem with that is that it does not work every where. For example if you use the DSPAM Web UI as an FCGI then things get ultra complicated. And to make it more complicated: You need to know more about the web server to be able to make a rock solid module. There is more then just Basic Authentication. One would need to implement NTLM, HTTP Basic, HTTP Digest, HTTP Negotiate, etc to be able to server all possible scenarios. And I really ask my self: For what all this stress? And then don't forget that one could use a proxy/reverse proxy to access the DSPAM Web UI, and, and, and... this all would make things ultra complex. > But im Wondering that our Users don't know that > (sorry Guys but I personally think Dspam is an Enterprise Solution and how > Apache Auth works should be a Basic knowledge) > Most people just do apt-get apache2, emerge apache2, rpm -Uvh apach2, whatever and then read How-To Forge and copy some stuff from all over the internet and get their infrastructure running without really understanding the technique behind that what they are using. In one way I understand them and in some way I don't understand them. I understand that not every one who is driving a car needs to be a auto mechanic. But basic stuff from my viewpoint every one should understand. I mean the ultra basic stuff. Authentication is one such thing. > However there is a trick to logout the User but will not work in every > Browser so well and is very tricky to configure. > Tricky? It's a PIA to get something like that working in every browser/server. Before we go and kill our self with something like that... I am the first one to add a basic login screen asking for username/password on a PLAIN HTML FORM. Then every one can use that who does not want/can use normal HTTP authentication. > Anyway if someone really wanna try it I could post it here, but I really do > not recommend this (that's why I do not post it immidently :-). > LOL! Zuckerbrot und Peitsche Prinzip? > Br > rm > -- Kind Regards from Switzerland, Stevan Bajić > Feature Requests item #2810520, was opened at 2009-06-22 21:30 > Message generated for change (Comment added) made by paulcockings > You can respond by visiting: > https://sourceforge.net/tracker/?func=detail&atid=1126468&aid=2810520&group_ > id=250683 > > Please note that this message will contain a full copy of the comment > thread, > including the initial issue submission, for this request, > not just the latest update. > Category: None > Group: None > Status: Open > Priority: 5 > Private: No > Submitted By: Harlan Stenn (harlan) > Assigned to: Nobody/Anonymous (nobody) > Summary: web UI needs a "log out" link > > Initial Comment: > Some folks have multiple email accounts on a machine, and with the current > authentication mechanism used by the dspam webUI there seems to be no way to > log out as one user in order to log in as another. > > It can be very inconvenient to have to restart a browser (that may have many > other open tabs) in order to log in to the dspam webUI as a different user. > > ---------------------------------------------------------------------- > > >Comment By: Paul Cockings (paulcockings) > Date: 2009-12-18 17:40 > > Message: > We now have an experimental web-ui for Dspam that allow a pre defined > 'manager' to switch to several other users from a drop down box. > > This experimental interface will hopefully make it into the /contrib > folder once 3.9.0 has been released > > I need to thank Stevan Bajic for the work on this feature > > > > ---------------------------------------------------------------------- > > Comment By: Imposit.com Webmaster (bofh999) > Date: 2009-06-22 23:48 > > Message: > im sorry to say that so hard but thats nonsense. > it just shows you didnt read in the documentation > > logoutlink isnt possible (not regular) > its an apache authentication. apache cannot logout. > > all you can do is do reset the realm but that only barly works and not on > all browsers > > > its true that this feature might be needed but a request at this stage > make no sense. first we need a new webui, bevore that can happen we need > all data in the databases (also the quaratines or another solution for > them) so something else (like php or pythion or whatever can manage them > > > the main problem is the dspam design. as long setuid is needed as long we > need the apache authentication (and in this case its a good thing the way > it is for sec. reasons) > > on the other hand the apache auth is together with mod_evasive and ssl a > real real real secure thing > > ---------------------------------------------------------------------- > > You can respond by visiting: > https://sourceforge.net/tracker/?func=detail&atid=1126468&aid=2810520&group_ > id=250683 > > ---------------------------------------------------------------------------- > -- > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________ > Dspam-devel mailing list > Dspam-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspam-devel > > !DSPAM:1005,4b2bbf0288841804284693! > > > ------------------------------------------------------------------------------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________ > Dspam-devel mailing list > Dspam-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspam-devel > ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Dspam-devel mailing list Dspam-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-devel
