Bug #907
closed
Foreman behind apache with userauth.
Description
So I am using this apache config for foreman.
<VirtualHost *:80>
ServerName dashboard.server.com
ServerAlias dashboard
DocumentRoot /opt/foreman/public
RailsAutoDetect On
AddDefaultCharset UTF-8
Alias /certs /opt/foreman/public/certs.php
<Directory /opt/foreman/public/>
Options ExecCGI
AllowOverride None
AuthType Basic
AuthName "Dashboard Access"
AuthUserFile /opt/foreman/foreman.auth
Require valid-user
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>When going to dashboard.server.com it requests for the user name and password, if you click cancel a bunch of times it will drop you into the public folder. Not sure if this is a apache issue or rails.
Updated by Ohad Levy over 13 years ago
- Status changed from New to Feedback
- Priority changed from High to Normal
any reason why you are not using the built in foreman authentication?
simply add to your foreman settings file
:login: true
Updated by Yun Zheng Hu about 13 years ago
I fixed the Apache Auth using the Location directive instead of the Directory.
I have configured it as following:
<Directory /var/www/foreman-0.4/public>
Order Deny,Allow
Allow from all
</Directory>
<Location "/">
SSLRequireSSL
AuthType "Digest"
AuthName "Restricted Access"
AuthUserFile /etc/htdigest.users
require valid-user
Order allow,deny
Satisfy any
</Location>
Problem is that the user authentication is not passed to foreman, so everything you do is still under the Admin user if you look in the foreman Audit logs.
Is it possible to pass the user authentication from the webserver to the foreman web application?
Updated by Benjamin Papillon over 12 years ago
The problem should be resolved with bug http://theforeman.org/issues/1300
It is available in 1.0 release (currently RC)
Updated by Ohad Levy over 12 years ago
- Status changed from Feedback to Duplicate