You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Pål Baltzersen <pa...@imap.ost.eltele.no> on 2001/12/10 15:20:53 UTC
REMOTE_GROUP patch
Apache sets the env REMOTE_USER which is nice, but in several CGI applications I
missed the ability to know which group the user authenticated as, without having
to parse the group-file. So I made this little patch that sets the env
REMOTE_GROUP to the group (first match) a user was authenticated with. I think
the performance penalty is microscopic.
--
Regards
Tele Danmark InterNordia
Pål Baltzersen
Seniorkonsulent, Cand. Scient.
********************************************************************
Addr: Fredrik Selmers vei 2, P.O. Box 6299 Etterstad, NO-0603 Oslo
Phone: +47 23 18 10 00 Direct: +47 23 18 11 74
Fax: +47 23 18 10 01 Mobile: +47 93 08 11 74
Mail: pb@teledanmark.no pal.baltzersen@teledanmark.no
Web: www.teledanmark.no
********************************************************************
ElTele Øst endrer profil til Tele Danmark InterNordia
RE: REMOTE_GROUP patch
Posted by Joshua Slive <jo...@slive.ca>.
> From: Rodent of Unusual Size [mailto:Ken.Coar@Golux.Com]
>
> Pål Baltzersen wrote:
> >
> > So I made this little patch that sets the env REMOTE_GROUP to
> > the group (first match) a user was authenticated with. I think
> > the performance penalty is microscopic.
>
> There are some problems with this patch:
> 2. It only touches some of the files involved; it should also
> hit suexec.c and mod_setenvif.c at a minimum.
Although apparently REMOTE_USER is not working in mod_setenvif either, so
adding REMOTE_GROUP would probably be pointless.
Joshua.
Re: REMOTE_GROUP patch
Posted by Rodent of Unusual Size <Ke...@Golux.Com>.
Pål Baltzersen wrote:
>
> So I made this little patch that sets the env REMOTE_GROUP to
> the group (first match) a user was authenticated with. I think
> the performance penalty is microscopic.
There are some problems with this patch:
1. It munges the middle of the conn_rec structure, breaking
binary compatibility across the board.
2. It only touches some of the files involved; it should also
hit suexec.c and mod_setenvif.c at a minimum.
[The sender is not subscribed to this list.]
--
#ken P-)}
Ken Coar, Sanagendamgagwedweinini http://Golux.Com/coar/
Author, developer, opinionist http://Apache-Server.Com/
"All right everyone! Step away from the glowing hamburger!"