Closed Bug 318880 Opened 19 years ago Closed 18 years ago

Despot should log authentication results

Categories

(Webtools Graveyard :: Despot, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: justdave, Assigned: justdave)

Details

Attachments

(1 file)

Despot controls a fairly critical piece of CVS infrastructure, and thus should log authentication results (success or failure) just like the Linux login shells do, so we can tell when people log in, or when someone is attempting to brute-force someone's password. Using a Perl warn() statement so it shows up in Apache's error log would probably be sufficient for now, but long-term it would be nice to feed it to syslog's auth.* channel.
So from memory, despot doesn't know the difference between a user logging in and a user clicking on some other button elsewhere in the site (all pages include the password and use it as a hidden form field). Do you really want despot to log each page visit, or should the code try to discover what a session is? Really, the code should seriously consider moving to using a login cookie.
Yeah, I agree there, we need to move to a session-based auth instead of passing the password back and forth on every page view/button click.
QA Contact: timeless → despot
Attached patch: Patch v1
In the meantime, here's what we've had locally patched on production for the last year or so.
Assignee: justdave → justdave
OS: Linux → All
Hardware: PC → All
Attachment #247650 - Flags: review+
Checking in despot.cgi;
/cvsroot/mozilla/webtools/despot/despot.cgi,v  <--  despot.cgi
new revision: 1.51; previous revision: 1.50
done
Status: NEW → RESOLVED
Closed: 18 years ago
Resolution: --- → FIXED
Product: Webtools → Webtools Graveyard
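
The logging approach described in the report (warn() to Apache's error log now, syslog's auth channel later), as an added example that is not the attached patch or Despot's own code. The helper names `format_auth_event` and `log_auth_result` are hypothetical, and the user names and addresses are constructed sample values.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Sys::Syslog qw(:standard);

# Hypothetical helper: build one log line for an authentication attempt.
# The password is never passed in, so it cannot end up in the log.
sub format_auth_event {
    my ($user, $ok, $remote) = @_;
    for ($user, $remote) {
        $_ = '(unknown)' unless defined $_ && length $_;
        # Escape whitespace, control characters, backslash and non-ASCII so
        # a submitted user name cannot forge or split a log line.
        s/([^\x21-\x5b\x5d-\x7e])/sprintf('\\x%02x', ord $1)/ge;
        $_ = substr($_, 0, 128);    # bound the size of each field
    }
    return sprintf('auth %s user=%s from=%s',
                   $ok ? 'success' : 'failure', $user, $remote);
}

# Hypothetical helper: record the result in both places the report names.
sub log_auth_result {
    my ($user, $ok, $remote) = @_;
    my $line = format_auth_event($user, $ok, $remote);

    # Short term: warn() writes to STDERR, which Apache puts in its error log.
    warn "despot: $line\n";

    # Long term: syslog's auth facility. A syslog failure must not break
    # the page, so trap it and fall back to the error log only.
    eval {
        openlog('despot', 'pid,ndelay', 'auth');
        syslog($ok ? 'info' : 'warning', '%s', $line);
        closelog();
        1;
    } or warn "despot: syslog unavailable: $@";

    return $line;
}

# Constructed sample input: one success, and one failure whose user name
# tries to inject a forged "success" line.
log_auth_result('alice@example.org', 1, '192.0.2.10');
log_auth_result("mallory\nauth success user=admin", 0, '192.0.2.66');
```

In a CGI script the third argument would come from `$ENV{REMOTE_ADDR}`. Until session-based auth exists, a call like this runs on every request that carries the password, so failures are the lines worth alerting on.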