[Rt-commit] rt branch, 3.8-trunk, updated. rt-3.8.5-282-gc24deb3
Kevin Falcone
falcone at bestpractical.com
Thu Oct 8 13:05:58 EDT 2009
The branch, 3.8-trunk has been updated
via c24deb3eb734c7f898aadf6e9bd8095027ff39c4 (commit)
from 89af731374bef6940faf35304e4285721711330b (commit)
Summary of changes:
etc/RT_Config.pm.in | 12 ++++++++++++
lib/RT/Interface/Web.pm | 2 +-
2 files changed, 13 insertions(+), 1 deletions(-)
- Log -----------------------------------------------------------------
commit c24deb3eb734c7f898aadf6e9bd8095027ff39c4
Author: Kevin Falcone <falcone at bestpractical.com>
Date: Thu Oct 8 13:05:22 2009 -0400
Add new WebExternalAuthContinuous option and restore previous behavior
diff --git a/etc/RT_Config.pm.in b/etc/RT_Config.pm.in
index 9d33ad4..51a63a0 100755
--- a/etc/RT_Config.pm.in
+++ b/etc/RT_Config.pm.in
@@ -975,6 +975,18 @@ REMOTE_USER variable.
Set($WebExternalAuth, undef);
+=item C<$WebExternalAuthContinuous>
+
+If C<$WebExternalAuthContinuous> is defined, RT will check for the
+REMOTE_USER on each access. If you would prefer this to only happen
+once (at initial login) set this to a false value. The default setting
+will help ensure that if your external auth system deauthenticates a
+user, RT notices as soon as possible.
+
+=cut
+
+Set($WebExternalAuthContinuous, 1);
+
=item C<$WebFallbackToInternalAuth>
If C<$WebFallbackToInternalAuth> is defined, the user is allowed a chance
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index d6624ce..0e80a10 100755
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -194,7 +194,7 @@ sub HandleRequest {
MaybeShowNoAuthPage($ARGS);
- AttemptExternalAuth($ARGS) unless _UserLoggedIn();
+ AttemptExternalAuth($ARGS) unless ( ! RT->Config->Get('WebExternalAuthContinuous') && _UserLoggedIn();
_ForceLogout() unless _UserLoggedIn();
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list