[ckan-discuss] CKAN Basic Authentication bug

David Read david.read at hackneyworkshop.com
Wed Aug 7 13:39:01 BST 2013


I guess this is because sets the Authorization header, which the web
interface seems to be picking up. I don't think CKAN using this header
is an abuse of HTTP (although correct me if I'm wrong), so having the
Basic Auth on top of CKAN is just a use case that hasn't been
considered before. I expect this could be solved relatively easily in
the CKAN code, so do dive in or commission someone to submit a
suitable pull request.

David

On 5 August 2013 14:02, Jan Vansteenlandt <jan at okfn.be> wrote:
> Hi all,
>
> I've got the following problem for which I couldn't find any solutions
> online. I have installed a CKAN on a webserver and it's necessary that
> before anyone can even enter the CKAN instance they should enter their Basic
> Authentication credentials first.
>
> This is easily done by providing an location tag with auth modules in the
> .htaccess of the virtualhost. Now, as this works nicely once for after
> authentication I get to see my CKAN instance, it doesn't allow me to log
> into CKAN itself. If I hit the login button, it returns a too many redirects
> and if I hit register it tells me I'm already logged in....even though I get
> no panel or anything. So it thinks I'm already logged in because of the
> server Basic Authentication in front of the CKAN instance.
>
> So my question is, is this normal behaviour, I think a Basic Authentication
> shouldn't be influencing with the internal authentication of CKAN? If this
> however is indeed not possible, what would you suggest to allow for similar
> behaviour, so that people first have to log in before being able to see the
> CKAN itself.
>
> I'm working on a 2.0.1 version of CKAN.
>
> Best regards,
>
> Jan
>
> _______________________________________________
> ckan-discuss mailing list
> ckan-discuss at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/ckan-discuss
> Unsubscribe: http://lists.okfn.org/mailman/options/ckan-discuss
>



More information about the ckan-discuss mailing list