14 Dec 2001 14:12
RE: Thanks
Thomas Haukland <Thomas.Haukland <at> ergo.no>
2001-12-14 13:12:02 GMT
2001-12-14 13:12:02 GMT
I experimented some more with the authentication-scheme, and it seems there is a limitation in IIS :( The www-authenticate headers which MRBS uses to get username/password makes IIS try to authenticate user against local user-database (the domain the server is on). Its not possible to change this. I think this behaviour is fundamentally different from how MRBS expects it to behave, and hence renders all other schemes than the auth-ip unusable... > -----Original Message----- > From: Thomas Haukland [mailto:Thomas.Haukland <at> ergo.no] > Sent: 2001 December 14 11:37 > To: 'Rajkumar Seth' > Subject: RE: [Mrbs-general] Thanks > > > I actually just use the ip-thing now. > > Was planning on just making a new "auth"-scheme > called "cookie" which simply takes username from > a cookie which is set on an internal intranet-site. > Not very secure, but not important when this is an > inhouse app. > > You may be right that there are issues with authentication > on WinNT, I havent experimented much with that... > (I just saw from newsgroups that it would not work with CGI-version) > > > -----Original Message----- > > From: Rajkumar Seth [mailto:Seth.Rajkumar <at> GNI.co.uk] > > Sent: 14. desember 2001 11:59 > > To: Thomas Haukland > > Subject: RE: [Mrbs-general] Thanks > > > > > > I have the ISAPI version and other PHP apps work fine. > > I use Mantis an excellent bug tracker. > > > > Which security module are you using? > > > > -----Original Message----- > > From: Thomas Haukland [mailto:Thomas.Haukland <at> ergo.no] > > Sent: 2001 December 14 10:25 > > To: 'Rajkumar Seth' > > Subject: RE: [Mrbs-general] Thanks > > > > > > It doesnt work with PHP as a CGI. > > You need to install the ISAPI version... > > > > > -----Original Message----- > > > From: Rajkumar Seth [mailto:Seth.Rajkumar <at> GNI.co.uk] > > > Sent: 14. desember 2001 11:04 > > > To: Thomas Haukland > > > Subject: RE: [Mrbs-general] Thanks > > > > > > > > > Hi I tried installing MBRS on NT4 with mySQL and MSPWS with > > > the latest PHP > > > but I could not get the security (login bit to work) > > > > > > What did you use for Win2K+IIS? > > > > > > Seth. > > > > > > -----Original Message----- > > > From: Thomas Haukland [mailto:Thomas.Haukland <at> ergo.no] > > > Sent: 2001 December 12 09:20 > > > To: Mrbs (E-mail) > > > Subject: [Mrbs-general] Thanks > > > > > > > > > Very nice software. > > > > > > No hazzle at all to set up on Win2K+IIS > > > > > > The latest PHP is a bit picky on uninitialized vars though, > > and there > > > are quite a few of them in MRBS... > > > Easy to track down and fix, but annoying nonetheless. > > > > > > Keep up the good work ! > > > > > > -- > > > Thomas Haukland > > > ErgoBluegarden AS > > > Postboks 4364 Nydalen, 0402 Oslo > > > Telefon 23 14 50 00, Telefaks 23 14 50 01 > > > Direkte 23 14 53 99, Mobilnr 95 76 80 11 > > > www.ergogroup.no > > > > > > _______________________________________________ > > > Mrbs-general mailing list > > > Mrbs-general <at> lists.sourceforge.net > > > https://lists.sourceforge.net/lists/listinfo/mrbs-general > > > > > > > > > ************************************************************** > > > ********** > > > The contents of this message and any attachments are > > confidential and > > > are intended solely for the attention and use of the > addressee only. > > > Information contained in this message may be subject to legal, > > > professional or other privilege or may otherwise be > > protected by other > > > legal rules. This message should not be copied or forwarded > > > to any other > > > person without the express permission of the sender. If you > > > are not the > > > intended recipient you are not authorised to disclose, copy, > > > distribute > > > or retain this message or any part of it. > > > > > > If you have received this message in error, please notify the > > > sender by > > > telephone (+44-20-7002-4000) and destroy the original message. > > > > > > We reserve the right to monitor all e-mail messages passing > > > through our > > > network. > > > ************************************************************** > > > ********** > > > > > > > > > ************************************************************** > > ********** > > The contents of this message and any attachments are > confidential and > > are intended solely for the attention and use of the addressee only. > > Information contained in this message may be subject to legal, > > professional or other privilege or may otherwise be > protected by other > > legal rules. This message should not be copied or forwarded > > to any other > > person without the express permission of the sender. If you > > are not the > > intended recipient you are not authorised to disclose, copy, > > distribute > > or retain this message or any part of it. > > > > If you have received this message in error, please notify the > > sender by > > telephone (+44-20-7002-4000) and destroy the original message. > > > > We reserve the right to monitor all e-mail messages passing > > through our > > network. > > ************************************************************** > > ********** > > > > > ************************************************************** > ********** > The contents of this message and any attachments are confidential and > are intended solely for the attention and use of the addressee only. > Information contained in this message may be subject to legal, > professional or other privilege or may otherwise be protected by other > legal rules. This message should not be copied or forwarded > to any other > person without the express permission of the sender. If you > are not the > intended recipient you are not authorised to disclose, copy, > distribute > or retain this message or any part of it. > > If you have received this message in error, please notify the > sender by > telephone (+44-20-7002-4000) and destroy the original message. > > We reserve the right to monitor all e-mail messages passing > through our > network. > ************************************************************** > ********** >
RSS Feed