Feature #11475
closed
Redmine.pm: Allow fallback to other Apache auth providers
0%
Description
The goal was to allow other auth modules to co-exist with Redmine.pm, and thus satisfy special case requests covering global administrative/anonymous requests in addition to those allowd by Redmine based on project relationships. I tried every other possible combinations of Apache directives to achieve this goal, but it looks like by returning AUTH_REQUIRED early in the process, Redmine.pm is becoming authoritative and preventing other modules, i.e. authn_file or authz_svn, to accept valid requests.
Replacing AUTH_REQUIRED with DECLINED seems to solve the problem:
--- Redmine.pm.9887 2012-07-22 22:21:17.410411915 +0200
+++ Redmine.pm 2012-07-22 20:55:00.014411918 +0200
@@ -342,7 +342,8 @@
return OK;
} else {
$r->note_auth_failure();
- return AUTH_REQUIRED;
+# return AUTH_REQUIRED;
+ return DECLINED;
}
}
However, I am not very confident about whether this will satisfy all cases and not break others. Comments and/or suggestions from relevant experts are welcomed and very much appreciated.
Quoting from http://perl.apache.org/docs/2.0/user/handlers/http.html#HTTP_Request_Cycle_Phases
Before discussing each handler in detail remember that if you use the stacked handlers feature all handlers in the chain will be run as long as they return Apache2::Const::OK or Apache2::Const::DECLINED...
Updated by 
Updated by 
Updated by 
Updated by