Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ADD] Authentication via HTTP Remote User 8.0 #34

Closed
wants to merge 17 commits into from
Closed

[ADD] Authentication via HTTP Remote User 8.0 #34

wants to merge 17 commits into from

Conversation

lmignon
Copy link
Contributor

@lmignon lmignon commented Aug 5, 2014

The module allows integration with external security systems (Shibolleth, Tivoli access manager, ..) that can pass along authentication of a user via Remote_User HTTP header field. In many cases, this is achieved via server like Apache HTTPD or nginx proxying Odoo.

lmignon and others added 17 commits July 25, 2014 16:42
@lmignon
[ADD] This module initialize the session by looking for the field HTT…
7dd5bc6 
…P_REMOTE_USER in the HEADER of the HTTP request and trying^Co bind the given value to a user
@lmignon
port auth_from_http_remote_user to 8.0
c893a70
@lmignon
[PEP8] line lenght is now ridiculous (80 chars)
2f51036
@lmignon
[FIX] if the default login page is disabled, redirect with *401*
9b99c2d
@lmignon
Improve module description
ec8f4a7
@lmignon
Addons configuration parameter is now a field part of the Authenticat…
8f9fcae 
…ion group from base_setup�[C
@lmignon
Improve doc
68e03a3
@lmignon
Code simplification: remove overkill method
1675ae6
@lmignon
Improve doc
8a23567
@lmignon
[FIX] properlyt return the Unauthorized() response to avoid warning i…
a70e133 
…n the log file
@lmignon
[FIX] always check the uid in the session and the one in the request …
d68a47f 
…to avoid session mismatch...
@lmignon
[PEP8]
97f4917
@lmignon
[FIX] return 'None' if no user name is found in the request hearder
8c7115e
@lmignon
If HTTP_REMOTE_USER is in the request headers and no corresponding us…
436ffcd 
…er is found in odoo always issues Unauthorized (avoid redirect to the login page)

If the uid in the session is not the same as the one from the binded HTTP_REMOTE_USER, always logout to clean up the session
@sbidoul
auth_http_remote_user: slight reorganization and some comments (logic…
68e96cd 
… remains identical)
@sbidoul
auth_from_http_remote_user: remove unneeded browse
5e79ce2
@sbidoul
auth_http_remote_user: test if already authenticated based on login i…
c2fec40 
…nstead of uid

Avoids a database query unless authentication is actually required.
@sbidoul
Copy link
Member

sbidoul commented Aug 5, 2014

👍 code review and tests

@pedrobaeza pedrobaeza mentioned this pull request Aug 13, 2014
Closed
@gurneyalex
Copy link
Member

please resubmit on the 8.0 branch

@gurneyalex gurneyalex closed this Aug 20, 2014
@lmignon lmignon mentioned this pull request Aug 25, 2014
Merged
modoolar-bot pushed a commit to modoolar/oca-server-tools that referenced this pull request Jan 14, 2022
@OCA-git-bot
Merge PR OCA#34 into 12.0
a8b4a6f 
Signed-off-by sebastienbeau
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lmignon @sbidoul @gurneyalex