[mythtv] Simple MythWeb hack...help needed
Mark Rafn
dagon at dagon.net
Thu Nov 15 23:39:46 UTC 2007
On Thu, 15 Nov 2007, Michael Tiller wrote:
> I'm a big OpenID <http://openid.net/> fan and I want to put my MythWeb
> behind an OpenID authentication check. That wasn't so much of a problem,
> but the mod_auth_openid module for Apache only handles authentication, not
> authorization. The rationale there is that the web app should handle
> authorization. So I need a way *in MythWeb* to bounce users based on the
> value of REMOTE_USER. I don't know PHP so I thought perhaps somebody here
> might be able to give me some hints about how to formulate and where to put
> code that would bounce people.
The module handles authentication, not authorization. But Apache handles
both, using the module for authentication and it's own rules for
authorization. Mythweb shouldn't care, unless it wants different
preferences per user or something.
Can you just add
require valid-user
to the config section or .htaccess file that contains your authentication
directive? I use mod_auth_external rather than openid (but now I'll look
into mod_auth_openid, that would be preferable!) to keep my mythweb away
from people outside my household, and it works just fine.
Oh, and don't forget to force SSL-only connections for mythweb if you're
making it externally accessible. Otherwise your openid authentication
token can be stolen.
--
Mark Rafn dagon at dagon.net <http://www.dagon.net/>
More information about the mythtv-dev
mailing list