Hi, Someone worked on patches long ago for this but they were never completed. They're a bit outdated now given changes in Review Board.
I don't know how your code works, but I believe Django has support for HTTP Auth now (django.contrib.auth.backends.RemoteUserAuthBackend). It actually doesn't completely do what we need. It'll automatically create User objects for any new attempt at login, which is probably bad. What I'd do is subclass this in our own backends.py file and set create_unknown_user to False. I'd also create a new variable we can use to hide the Log In link (maybe "hide_login_page" or something) and check that in the base.html template. This backend must be used in conjunction with django.contrib.auth.middleware.RemoteUserMiddleware. However, the middleware assumes that we're absolutely using RemoteUserAuthBackend, which we won't always be, so you'd also have to subclass that, override process_request, and only call the parent method if the HTTP auth backend is used. That middleware would need to be placed in the middleware list in reviewboard/settings.py. You'd then need to update Review Board to know about it (reviewboard/admin/siteconfig.py and forms.py, I believe). Hope that helps. Christian -- Christian Hammond - [email protected] Review Board - http://www.reviewboard.org VMware, Inc. - http://www.vmware.com On Tue, Jun 8, 2010 at 10:27 AM, tuckermi <[email protected]> wrote: > I am trying to configure ReviewBoard (I'm using 1.5b2) to trust the > REMOTE_USER environment variable that is set by apache when I use > basic HTTP authentication. Has anyone had luck doing something like > this who can steer me in the right direction? I have tried writing my > own backend, which seems like it is probably not the best approach, > but am running into some issues. Specifically, I am still prompted to > login with the ReviewBoard login page after I authenticate through the > HTTP Auth popup. > > I would definitely prefer to use existing tools if they exist -- I > looked through the documentation and didn't see any mention of HTTP > basic auth as an authentication backend. Is there something in Django > that I should look at? Any suggestions would be appreciated. > > Thanks, > Mike > > -- > Want to help the Review Board project? Donate today at > http://www.reviewboard.org/donate/ > Happy user? Let us know at http://www.reviewboard.org/users/ > -~----------~----~----~----~------~----~------~--~--- > To unsubscribe from this group, send email to > [email protected]<reviewboard%[email protected]> > For more options, visit this group at > http://groups.google.com/group/reviewboard?hl=en -- Want to help the Review Board project? Donate today at http://www.reviewboard.org/donate/ Happy user? Let us know at http://www.reviewboard.org/users/ -~----------~----~----~----~------~----~------~--~--- To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/reviewboard?hl=en
