Closed Bug 1058608 Opened 10 years ago Closed 10 years ago

Support for authentication with an apache-style htpasswd-file

Categories

(Bugzilla :: Extension Ideas, defect)

4.5.5
defect
Not set
normal

Tracking

()

RESOLVED WORKSFORME

People

(Reporter: aba+bugzilla, Unassigned)

Details

Attachments

(1 file)

Attached file htpasswd.pm
User Agent: Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20140611 Firefox/24.0 Iceweasel/24.6.0 (Nightly/Aurora) Build ID: 20140611050012 Steps to reproduce: Currently Bugzilla cannot use an apache-style htpasswd-file as authentication source. The attached htpasswd.pm works for me (but is probably not appropriate for inclusion as the file name is hardcoded). Expected results: Please indicate whether a patch of that kind might be acceptable, and what (in addition to the password file selection) needs to be adjusted for inclusion.
Attachment #8479041 - Flags: review?(dkl)
Comment on attachment 8479041 [details] htpasswd.pm supporting more authentication mechanisms isn't something that we're keen to take on in the bugzilla core currently. instead this mechanism would be better suited to an extension. see http://www.bugzilla.org/docs/tip/en/html/api/Bugzilla/Extension.html for information about how to package this as an extension, which would allow it to run on any recent bugzilla version.
Attachment #8479041 - Attachment mime type: text/x-perl → text/plain
Attachment #8479041 - Flags: review?(dkl) → review-
Assignee: user-accounts → extension.ideas
Component: User Accounts → Extension Ideas
you may want to look at https://github.com/mozilla/webtools-bmo-bugzilla/tree/master/extensions/Persona as an example of an extension which adds a new authentication method. - Config.pm contains new modules (in your case Apache::Htpasswd) - grep the code for "browserid_verify_url" to see where we're adding an admin parameter; you'd want to set the path to your htpasswd file using a similar mechanism
And of course worth mentioning that this will also suffer from the same limitations as the Persona extension such as: * Unable to create account without manual intervention of an admin * Unable to change your password through the preferences UI * Unable to change your email address through the preferences UI * Possibility of a user creating a bugzilla account through the UI, but then using a different login with htpasswd and the two are not synced. dkl
Bugzilla already supports htpasswd for years. You have to set user_info_class = Env and configure your .htaccess file to point to your htpasswd file.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: