Send modauthtkt-users mailing list submissions to
modauthtkt-users@lists.sourceforge.net
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.sourceforge.net/lists/listinfo/modauthtkt-users
or, via email, send a message with subject or body 'help' to
modauthtkt-users-requ...@lists.sourceforge.net
You can reach the person managing the list at
modauthtkt-users-ow...@lists.sourceforge.net
When replying, please edit your Subject line so it is more specific
than "Re: Contents of modauthtkt-users digest..."
Today's Topics:
1. SingleSignOn using mod_auth_tkt few queries (KK CHN)
2. SSO config issues (KK CHN)
3. build fix for apache 2.4 (Ivo De Decker)
4. New IPv6 patch (c...@chadlavoie.com)
5. "Use of uninitialized value" warnings from login.cgi
(Nikolaus Rath)
6. ruby client (Peter Karman)
----------------------------------------------------------------------
Message: 1
Date: Tue, 15 May 2012 04:50:31 +0000
From: KK CHN <kkchn...@gmail.com>
Subject: [modauthtkt-users] SingleSignOn using mod_auth_tkt few
queries
To: modauthtkt-users@lists.sourceforge.net
Message-ID:
<cakggyb8amrd1z2laokojt9eex806gg7myyxen0wwqpau3ql...@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
List,
I am trying a SSO from a plone(4.1.4 version) intranet site to a squirrel mail
webclient.
I have enabled in the plone site for the cookie sharing for mydomain.com
and shared a secret is there "blah"
Now in the server machine for apache I enabled mod_auth_tkt ( the
plone version supports mod_auth_tkt compatible systems.)
The plone site and SquirrelMain both runs in the same machine under
same apache were mod_tkt is loaded.
Vhost entry for Squirrel mail
<VirtualHost *:80>
ServerAdmin webmas...@mydomain.com
DocumentRoot /usr/local/www/SquirrelMail
ServerName webmail.mydomain.com
ServerAlias webmail.mydomain.com
TKTAuthSecret "blah"
<Location /src/login.php> # ist this <Location > directive is right?
TKTAuthIgnoreIP on
TKTAuthDebug 2
TKTAuthDomain .mydomain.com
TKTAuthTimeout 2w
TKTAuthCookieExpires 2w
TKTAuthRequireSSL off
TKTAuthCookieSecure off
</Location>
ErrorLog /var/log/httpd-error.log
CustomLog /var/log/httpd-access.log combined
</VirtualHost>
There is an existing IMAP account user: kk...@webmail.mydomain.com
password: mypass
Then I created the same user kk...@webmail.mydomain.com in Plone
Site with same password "mypass"
Restarted apache
I logged in to the plone site (intranet.mydomain.com) with the
user name "kk...@webmail.mydomain.com" with "mypass" and click
the link for webmail.mydomain.com but it prompts me for username
and password.
Do I miss any configuration other than the above in the Squirrel
Mail virtualhost config ? Or anything additional work required?
This is my Virtual host configuration for Plone site.
<VirtualHost *:80>
ServerAdmin k...@webmail.mydomain.com
ServerName intranet.mydomain.com
RewriteEngine On
RewriteRule ^/(.*)
http://127.0.0.1:8081/VirtualHostBase/http/intranet.mydomain.com:80/Intranet/VirtualHostRoot/$1
[L,P]
ErrorLog /var/log/apache/intranet.mydomain.com/error_log
CustomLog /var/log/apache/intranet.mydomain.com/access.log combined
</VirtualHost>
Please shed some light on this regard, to accomplish SSO from the
plone site to SM.
Thanks in advance
KK
------------------------------
Message: 2
Date: Tue, 15 May 2012 09:24:01 -0700
From: KK CHN <kkchn...@gmail.com>
Subject: [modauthtkt-users] SSO config issues
To: modauthtkt-users@lists.sourceforge.net
Message-ID:
<CAKgGyB8bnswApFc-RFsRs=b4cv3vmzbyj0hk_nfwxl9m-_g...@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
List
I am trying a SSO from a plone(4.1.4 version) intranet site to a squirrel
mail
webclient.
I have enabled in the plone site for the cookie sharing for mydomain.com
and shared a secret is there "blah"
Now in the server machine for apache I enabled mod_auth_tkt ( the
plone version supports mod_auth_tkt compatible systems.)
The plone site and SquirrelMain both runs in the same machine under
same apache were mod_tkt is loaded.
Vhost entry for Squirrel mail
<VirtualHost *:80>
ServerAdmin webmas...@mydomain.com
DocumentRoot /usr/local/www/SquirrelMail
ServerName webmail.mydomain.com
ServerAlias webmail.mydomain.com
TKTAuthSecret "blah"
<Location /src/login.php> # ist this <Location > directive is right?
TKTAuthIgnoreIP on
TKTAuthDebug 2
TKTAuthDomain .mydomain.com
TKTAuthTimeout 2w
TKTAuthCookieExpires 2w
TKTAuthRequireSSL off
TKTAuthCookieSecure off
</Location>
ErrorLog /var/log/httpd-error.log
CustomLog /var/log/httpd-access.log combined
</VirtualHost>
There is an existing IMAP account user: kk...@webmail.mydomain.com
password: mypass
Then I created the same user kk...@webmail.mydomain.com in Plone
Site with same password "mypass"
Restarted apache
I logged in to the plone site (intranet.mydomain.com) with the
user name "kk...@webmail.mydomain.com" with "mypass" and click
the link for webmail.mydomain.com but it prompts me for username
and password.
Do I miss any configuration other than the above in the Squirrel
Mail virtualhost config ? Or anything additional work required?
This is my Virtual host configuration for Plone site.
<VirtualHost *:80>
ServerAdmin k...@webmail.mydomain.com
ServerName intranet.mydomain.com
RewriteEngine On
RewriteRule ^/(.*)
http://127.0.0.1:8081/VirtualHostBase/http/intranet.mydomain.com:80/Intranet/VirtualHostRoot/$1
[L,P]
ErrorLog /var/log/apache/intranet.mydomain.com/error_log
CustomLog /var/log/apache/intranet.mydomain.com/access.log combined
</VirtualHost>
Please shed some light on this regard, to accomplish SSO from the
plone site to SM.
Thanks in advance
KK
-------------- next part --------------
An HTML attachment was scrubbed...
------------------------------
Message: 3
Date: Fri, 18 May 2012 13:14:25 +0200
From: Ivo De Decker <ivo.dedec...@ugent.be>
Subject: [modauthtkt-users] build fix for apache 2.4
To: modauthtkt-users@lists.sourceforge.net
Message-ID: <20120518111425.ga9...@ugent.be>
Content-Type: text/plain; charset="us-ascii"
Hi,
The attached patch contains a build fix to allow mod_auth_tkt to build against
apache 2.4.
Cheers,
Ivo De Decker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: apache24fix.diff
Type: text/x-diff
Size: 1313 bytes
Desc: not available
------------------------------
Message: 4
Date: Mon, 02 Sep 2013 19:16:04 -0400
From: c...@chadlavoie.com
Subject: [modauthtkt-users] New IPv6 patch
To: <modauthtkt-users@lists.sourceforge.net>
Message-ID: <c42f0c91acd8eb40ab7c1254d29cf...@chadlavoie.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Hello,
A long while ago I submitted a patch for IPv6 support, that had issues
with the shortening of the address that might not be the same across
systems. Its been a long time, as I wandered around other technologies,
before returning to the light. I'm going to stick with mod_auth_tkt
this time, so I should actually follow up on this long enough to get it
solved.
I've made a new patch that resolves this problem. Its more
complicated, though also more sane in terms of not being quite so much
of a hack.
In short it makes identical tokens as before if the IP is IPv4 or if
ignore_ip is set. If the ip is IPv6, then it puts the 16 byte binary
representation of the IPv6 address where the 4 byte long of the IPv4
was, then continues on building the buffer as usual.
I've put if's around the parts that are IPv6 specific with fall-backs
to the current operations, so this should continue to compile/operate on
systems that aren't IPv6 aware (they will segfault like the current
version does if they run into an IPv6 address, but that wouldn't make
any sense).
I've made a pull request for said patches. Any comments/suggested
changes/bug reports are welcome.
Thanks,
- Chad
------------------------------
Message: 5
Date: Mon, 16 Sep 2013 22:57:27 -0700
From: Nikolaus Rath <nikol...@rath.org>
Subject: [modauthtkt-users] "Use of uninitialized value" warnings from
login.cgi
To: modauthtkt-users@lists.sourceforge.net
Message-ID: <5237ef47.7080...@rath.org>
Content-Type: text/plain; charset=UTF-8
Hello,
Thanks for working on this module! It's really useful.
I have noticed that occasionally the login.cgi script produces the
following warnings:
Use of uninitialized value in lc at /[path]/login.cgi line 74.
Use of uninitialized value in lc at /[path]/login.cgi line 74.
Use of uninitialized value $arg{"tokens"} in pattern match (m//) at
/[path]/Apache/AuthTkt.pm line 209.
Use of uninitialized value $tokens in concatenation (.) or string at
/[path]/Apache/AuthTkt.pm line 248.
Am I using the script the wrong way? Or is this a bug?
Thanks!
-Nikolaus
--
?Time flies like an arrow, fruit flies like a Banana.?
PGP fingerprint: 5B93 61F8 4EA2 E279 ABF6 02CF A9AD B7F8 AE4E 425C
------------------------------
Message: 6
Date: Wed, 05 Mar 2014 09:23:58 -0600
From: Peter Karman <pe...@peknet.com>
Subject: [modauthtkt-users] ruby client
To: modauthtkt-users@lists.sourceforge.net
Message-ID: <5317418e.4030...@peknet.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Building on the good work at http://meso.net/mod_auth_tkt I have created
a full-fledged Ruby ApacheAuthTkt gem at
https://github.com/APMG/apache-authtkt-ruby
If you use Ruby and mod_auth_tkt, I would appreciate feedback. We'll be
testing this internally over the next few weeks before pushing a 1.0 to
rubygems.
cheers,
pek
--
Peter Karman . http://peknet.com/ . pe...@peknet.com
------------------------------
------------------------------------------------------------------------------
Subversion Kills Productivity. Get off Subversion & Make the Move to Perforce.
With Perforce, you get hassle-free workflows. Merge that actually works.
Faster operations. Version large binaries. Built-in WAN optimization and the
freedom to use Git, Perforce or both. Make the move to Perforce.
http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
------------------------------
_______________________________________________
modauthtkt-users mailing list
modauthtkt-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/modauthtkt-users
End of modauthtkt-users Digest, Vol 29, Issue 1
***********************************************
