View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|17542||Bug reports||Authentication||public||2021-08-26 10:22||2022-01-11 11:41|
|Summary||17542: Authwebserver plugin not working anymore|
|Description||The Authwebserver does not work anymore and is not protecting the administration anymore properly. |
This is because some administrative URLs don't use the /admin prefix anymore after refactoring some controllers.
For example when creating a survey the URL is currently
A webserver authentication applied to /admin would not work here.
|Tags||No tags attached.|
|Complete LimeSurvey version number (& build)||.|
|I will donate to the project if issue is resolved||No|
|Database type & version||.|
|Server OS (if known)||.|
|Webserver software & version (if known)|
- The Authwebserver plugin is rarely used so the issue is considered to be low priority
- We cannot just move the refactored controllers to /admin because the old and new way to call controllers would collide.
- It makes sense to have path-wise the controllers in a directory to have a clear separation between survey-taking and administration
How to fix this:
- Establish a differently named subdirectory in /controllers , for example /administration
- Move the refactored controllers there, correct paths/views etc.
- Keep refactoring old controllers
This would allow webauth to be used if applied on /admin and /administration directory.
This should happen in the dev branch because moving the controllers is quite extensive
Many thanks for your response. Is there any another options?
Self user registration?
We are Univercity College and we have obout 15K potentials users. It was easy to login with SSO with college account.
Any other sugestions?
thanks for any help
I think the Authwebserver plugin is different from SSO (LimeSAML plugin). If you want to use SSO, this will work.
|Authwebserver plugin could be extended to check for "Administration" in the controller URL, perhaps?|
We used Authwebserver already 10 years with Shibboleth login. Can I use another alternative? Where can I download LimeSAML plugin? How to install it?
We are also interested in troubleshooting this plugin. Because without it, we cannot switch to LS5 in an organization with almost 14,000 potential users.
We would also like to know the details of the problem, because we have a dedicated plugin based on the same solution, but for the frontend in terms of identifying survey participants (automatic token assignment) in the intranet environment.
|The details of the problem are in the issue description above.|
|2021-08-26 10:22||c_schmitz||New Issue|
|2021-08-26 10:22||c_schmitz||Status||new => assigned|
|2021-08-26 10:22||c_schmitz||Assigned To||=> c_schmitz|
|2021-08-26 10:22||c_schmitz||Priority||none => low|
|2021-08-26 10:22||c_schmitz||Severity||minor => block|
|2021-08-26 10:27||c_schmitz||Note Added: 66149|
|2021-08-26 10:27||c_schmitz||Bug heat||0 => 2|
|2021-08-26 10:29||c_schmitz||Description Updated||View Revisions|
|2021-08-26 11:24||c_schmitz||Note Edited: 66149||View Revisions|
|2021-08-27 12:10||nohcho82||Note Added: 66155|
|2021-08-27 12:10||nohcho82||Bug heat||2 => 4|
|2021-08-30 14:06||galads||Note Added: 66183|
|2021-08-30 14:06||galads||Bug heat||4 => 6|
|2021-08-30 14:06||galads||Issue Monitored: galads|
|2021-08-30 14:06||galads||Bug heat||6 => 8|
|2021-09-17 16:14||ollehar||Note Added: 66521|
|2021-09-17 16:14||ollehar||Bug heat||8 => 10|
|2021-09-17 16:16||ollehar||Status||assigned => acknowledged|
|2021-09-20 15:05||nohcho82||Note Added: 66529|
|2022-01-11 08:52||alorenc||Issue Monitored: alorenc|
|2022-01-11 08:52||alorenc||Bug heat||10 => 12|
|2022-01-11 08:54||2BITS_PL||Issue Monitored: 2BITS_PL|
|2022-01-11 08:54||2BITS_PL||Bug heat||12 => 14|
|2022-01-11 10:13||2BITS_PL||Note Added: 67949|
|2022-01-11 10:13||2BITS_PL||Bug heat||14 => 16|
|2022-01-11 11:16||DenisChenu||Issue Monitored: DenisChenu|
|2022-01-11 11:16||DenisChenu||Bug heat||16 => 18|
|2022-01-11 11:41||ollehar||Note Added: 67951|