[mythtv] Simple MythWeb hack...help needed
John Helmuth
john at helmuth.org
Fri Nov 16 17:25:54 UTC 2007
I would try to handle the case where $_SERVER['REMOTE_USER'] IS empty as
well. I don't know if that's possible with the apache configuration you've
got, but better to handle it in case the apache config gets changed, I
think.
Also, the for loop could be handled with a call to the in_array() function (
http://php.net/in_array)
Otherwise, looks good.
--jdh
On Nov 16, 2007 8:22 AM, hendrixski <hendrixski at storsint.com> wrote:
> Every time you don't comment your code God kills a kitten.
>
> My constructive feedback is that
> 1)A month or two from now you'll come back to tinker with this code some
> more and you will wish that you had left notes for yourself
> 2) others who will want to tinker on it with you will wish that you had
> left notes for them, and
> 3) think of the kittens.
>
> Hope that it helps. :-)
>
> - Hendrixski
>
> Michael Tiller wrote:
> > OK, here is what I did and it seems to work.
> >
> > First, I installed the mod_auth_openid module
> > <http://butterfat.net/wiki/Projects/ModAuthOpenID> (I had to use the
> > one from the SVN repository to get it to build). Then I just turned
> > on the authentication with the directive:
> > AuthOpenIDEnabled On
> > This passes the authenticated users OpenID as "REMOTE_USER" in the
> > request. So then I modified session.php in MythWeb to include this
> > fragment of PHP code:
> >
> > if (!empty($_SERVER['REMOTE_USER'])) {
> > $authusers = array("http://openid1", "http://openid2"); //
> > Obviously, I put legit URLs in mine
> > $remuser = $_SERVER['REMOTE_USER'];
> > $authorized = False;
> > foreach ($authusers as $authuser) {
> > if ($authuser==$remuser) {
> > $authorized = True;
> > }
> > }
> > if (!$authorized) {
> > echo "Sorry, '".$remuser."' is not authorized to access this
> > site. ";
> > exit;
> > }
> > }
> >
> > Now remember, I don't know PHP so I'm happy for constructive feedback
> > on how to make this better. So if anybody wants to make their MythWeb
> > OpenID enabled, this is one way to do it.
> >
> > --
> > Mike
> >
> >
> > On Nov 15, 2007 6:05 PM, Michael Tiller <michael.tiller at gmail.com
> > <mailto:michael.tiller at gmail.com>> wrote:
> >
> > I'm a big OpenID <http://openid.net/> fan and I want to put my
> > MythWeb behind an OpenID authentication check. That wasn't so
> > much of a problem, but the mod_auth_openid module for Apache only
> > handles authentication, not authorization. The rationale there is
> > that the web app should handle authorization. So I need a way *in
> > MythWeb* to bounce users based on the value of REMOTE_USER. I
> > don't know PHP so I thought perhaps somebody here might be able to
> > give me some hints about how to formulate and where to put code
> > that would bounce people.
> >
> > Any help greatly appreciated and I'd be glad to contribute back a
> > complete write up on how I did it.
> >
> > --
> > Mike
> >
>
>
> --
> - Hendrixski
>
> How to ask questions:
> * Do your homework: google it, search archives from lists and forums
> * Ask on the appropriate list or forum using a meaningful header
> * Be precise, impersonal, to the point, state your goal, and say "please"
> and "thank you"
>
> How to answer questions:
> * Verify what they're asking about, turn bad questions into good ones
> * Give information, ask if it answers their question. Rinse & Repeat
> * Not all manuals are created equal! link to your favorite one and say
> "Read This Fine Manual"
>
>
>
> _______________________________________________
> mythtv-dev mailing list
> mythtv-dev at mythtv.org
> http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mythtv.org/pipermail/mythtv-dev/attachments/20071116/e9df6464/attachment.htm
More information about the mythtv-dev
mailing list