Open ninsbl opened 8 years ago
mayank33
commented
8 years ago since it was meant for a server based system, so we put a google authorization which takes into account where it is going to be hosted. I made changes in the API. Check if it logins. If not then try webgrass from here [https://github.com/mayank33/webgrass/tree/gsoc2016] authorization is not implemented here.
rashadkm
commented
8 years ago we can try to allow users to build webgrass with an option for enable/disable oAuth. But that can be a fix after gsoc?
On Tue, Aug 16, 2016 at 8:57 PM, Mayank Agrawal notifications@github.com wrote:
since it was meant for a server based system, so we put a google authorization which takes into account where it is going to be hosted. I made changes in the API. Check if it logins. If not then try webgrass from here [https://github.com/mayank33/webgrass/tree/gsoc2016] authorization is not implemented here.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/rashadkm/webgrass/issues/19#issuecomment-240202741, or mute the thread https://github.com/notifications/unsubscribe-auth/ACSNO26XfOeWon3sZjI0YbruuFDYhhqIks5qgggpgaJpZM4JluxW .
Regards, Rashad
ninsbl
commented
8 years ago Thanks for your swift replies!
Now login proceeds so you might close this issue. However, since my server is behind a firewall it does not fully succeed (so I cannot give you feedback if it runs all the way through.
Being able to enable/disable oAuth sounds great! No hurry for me.
WebGRASS looks really promising! So thanks for all your work this summer!
mayank33
commented
8 years ago Removing the auth is a very easy. A single line change. But I will try to add the option in build to configure auth while cmake
rashadkm
commented
8 years ago that sounds great!
On Tue, Aug 16, 2016 at 10:07 PM, Mayank Agrawal notifications@github.com wrote:
Removing the auth is a very easy. A single line change. But I will try to add the option in build to configure auth while cmake
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/rashadkm/webgrass/issues/19#issuecomment-240221706, or mute the thread https://github.com/notifications/unsubscribe-auth/ACSNO-Pz_vGxl6tjOTT5pfeVOUBsEvoRks5qghiAgaJpZM4JluxW .
Regards, Rashad
ninsbl
commented
8 years ago Please allow me three more questions in this regards: 1) should we continue in a new issue (as the original issue seems to be solved) 2) Is authentication also the reason for specifying the path to grass7.rc of a specific user in compilation? 3) Does that mean that the current alternative to "OAuth" is "No auth"? Or is system login the fallback solution? Would it be very much work to implement other authentication options, e.g. LDAP?
Just for me to understand. Thanks, Stefan
rashadkm
commented
8 years ago On Wed, Aug 17, 2016 at 8:03 AM, Stefan Blumentrath < notifications@github.com> wrote:
Please allow me three more questions in this regards:
1) should we continue in a new issue (as the original issue seems to be solved)
if related to authentication, there is no harm in keeping notes in single place. But if you want to open up a new one, feel free to do so.
2) Is authentication also the reason for specifying the path to grass7.rc of a specific user in compilation? grass rc issue is a temporary one. we discussed about a fix for that.
3) Does that mean that the current alternative to "OAuth" is "No auth"? Or is system login the fallback solution? Would it be very much work to implement other authentication options, e.g. LDAP?
oAuth is not google only, it works with openid and others. But due to time contraints, we put up with google only. We haven't worked with LDAP yet. So we cannot comment on a ETA of when we can add LDAP.
But we can put this into wishlist of wegrass. I will add a wiki for that. You can add LDAP and other things. the code is still in state of flux, we are doing testing on our side and if you found something let us know.
Just for me to understand. Thanks, Stefan
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/rashadkm/webgrass/issues/19#issuecomment-240321231, or mute the thread https://github.com/notifications/unsubscribe-auth/ACSNO6_XrvP8zSGssIOFlT8bSQrGb-9Eks5qgqQqgaJpZM4JluxW .
Regards, Rashad
ninsbl
commented
8 years ago oAuth is not google only, it works with openid and others.
I see. I just misunderstood (I am more a user than a system admin or developer). So OAuth probably is`nt that bad after all. Still, in current stage, WebGRASS cannot be used with authentication behind a firewall.
But we can put this into wishlist of wegrass. I will add a wiki for that.
Nice, thanks! I expect more ideas / wishes pop up when people start testing WebGRASS more seriously...
ninsbl
commented
8 years ago Tried you latest commit and it works now nicely without authentication. Thanks for that. It helps exploring WebGRASS. I am wondering which system user is used then? The one that started WebGRASS or the one who`s grassrc is used during compilation.
epifanio
Hi again,
now I get the following error when I try to login with google.
BTW, is there no alternative to login with google? Cannot users on the system login with their accounts there?
Error: redirect_uri_mismatch
Application: WebGrass
You can email the developer of this application at: mayankagrawal333@gmail.com
The redirect URI in the request, http://localhost:8080/oauth2callback, does not match the ones authorized for the OAuth client. Visit https://console.developers.google.com/apis/credentials/oauthclient/200012893128-l5doehe2iu1mv05t8bn01bdj0h20konr.apps.googleusercontent.com?project=200012893128 to update the authorized redirect URIs.