[mythtv] Simple MythWeb hack...help needed

Michael Tiller michael.tiller at gmail.com
Thu Nov 15 23:54:43 UTC 2007


On Nov 15, 2007 6:39 PM, Mark Rafn <dagon at dagon.net> wrote:

> On Thu, 15 Nov 2007, Michael Tiller wrote:
>
>
> The module handles authentication, not authorization.  But Apache handles
> both, using the module for authentication and it's own rules for
> authorization.  Mythweb shouldn't care, unless it wants different
> preferences per user or something.


Yes, I was thinking the same thing...

Can you just add
>    require valid-user


That by itself doesn't work.  It says I need to specify AuthType.  But I
have not idea what to set it to.  If I set it to "Basic", it prompts me for
a password.  So if you know what I need to put there, that would be great.

Oh, and don't forget to force SSL-only connections for mythweb if you're
> making it externally accessible.  Otherwise your openid authentication
> token can be stolen.


Hmmm...is that really true?  My OpenID provider is VeriSign and I'm pretty
sure they only allow https for requests.


> --
> Mark Rafn    dagon at dagon.net    <http://www.dagon.net/>
>

--
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mythtv.org/pipermail/mythtv-dev/attachments/20071115/05dff7d4/attachment.htm 


More information about the mythtv-dev mailing list