Thilo-Alexander Ginkel wrote: > On Thu, Aug 20, 2009 at 23:37, Christian Hammond<chip...@chipx86.com> wrote: > >> Good question. I don't know that anyone's tested that or worked on it. I >> imagine it doesn't work right today, but could be done. You'd probably have >> to deal with two password prompts. >> > > Shouldn't it be possible to implement this with a similar > authentication middleware that Nathan H. proposed for the X.509 > authentication (see [1])? The env variable will be a different one and > you will probably also need your own auth backend, but the basic > concept should remain the same. > In my work, I chose to allow the X.509 auth backend as well as the standard auth. Users can change their password when authenticated with X.509, and then since post-review isn't able to use X.509, it will use the standard authentication backend. After implementing the X.509 authentication stuff, I've been wondering if it might have been better to do it the REMOTE_AUTH way. That would allow for the ugly regular expression in the UI to be dropped. It may be useful to merge the changes we made to the templates in Issue 513 and review 938. That would probably be the simplest solution to getting a usable solution in which you can rely on corporate Single Sign On and still keep the post-review tool useful without needing to add potentially proprietary code to post-review.
Cheers, Nathan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "reviewboard" group. To post to this group, send email to reviewboard@googlegroups.com To unsubscribe from this group, send email to reviewboard+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en -~----------~----~----~----~------~----~------~--~---