[mythtv] Simple MythWeb hack...help needed

Fri Nov 16 16:22:04 UTC 2007

Every time you don't comment your code God kills a kitten. 

My constructive feedback is that
1)A month or two from now you'll come back to tinker with this code some 
more and you will wish that you had left notes for yourself
2) others who will want to tinker on it with you will wish that you had 
left notes for them, and
3) think of the kittens.

Hope that it helps.  :-)

 - Hendrixski

Michael Tiller wrote:
> OK, here is what I did and it seems to work.
>
> First, I installed the mod_auth_openid module 
> <http://butterfat.net/wiki/Projects/ModAuthOpenID> (I had to use the 
> one from the SVN repository to get it to build).  Then I just turned 
> on the authentication with the directive:
> AuthOpenIDEnabled                 On
> This passes the authenticated users OpenID as "REMOTE_USER" in the 
> request.  So then I modified session.php in MythWeb to include this 
> fragment of PHP code:
>
>     if (!empty($_SERVER['REMOTE_USER'])) {
>       $authusers = array("http://openid1", "http://openid2"); // 
> Obviously, I put legit URLs in mine
>       $remuser = $_SERVER['REMOTE_USER'];
>       $authorized = False;
>       foreach ($authusers as $authuser) {
>         if ($authuser==$remuser) {
>           $authorized = True;
>         }
>       }
>       if (!$authorized) {
>         echo "Sorry, '".$remuser."' is not authorized to access this 
> site.  ";
>         exit;
>       }
>     }
>
> Now remember, I don't know PHP so I'm happy for constructive feedback 
> on how to make this better.  So if anybody wants to make their MythWeb 
> OpenID enabled, this is one way to do it.
>
> --
> Mike
>
>
> On Nov 15, 2007 6:05 PM, Michael Tiller <michael.tiller at gmail.com 
> <mailto:michael.tiller at gmail.com>> wrote:
>
>     I'm a big OpenID <http://openid.net/> fan and I want to put my
>     MythWeb behind an OpenID authentication check.  That wasn't so
>     much of a problem, but the mod_auth_openid module for Apache only
>     handles authentication, not authorization.  The rationale there is
>     that the web app should handle authorization.  So I need a way *in
>     MythWeb* to bounce users based on the value of REMOTE_USER.  I
>     don't know PHP so I thought perhaps somebody here might be able to
>     give me some hints about how to formulate and where to put code
>     that would bounce people.
>
>     Any help greatly appreciated and I'd be glad to contribute back a
>     complete write up on how I did it.
>
>     --
>     Mike
>

-- 
 - Hendrixski

How to ask questions:
 * Do your homework: google it, search archives from lists and forums
 * Ask on the appropriate list or forum using a meaningful header
 * Be precise, impersonal, to the point, state your goal, and say "please" and "thank you"

How to answer questions:
 * Verify what they're asking about, turn bad questions into good ones
 * Give information, ask if it answers their question.  Rinse & Repeat
 * Not all manuals are created equal! link to your favorite one and say "Read This Fine Manual"