Closed (duplicate)
Project:
Entity Share
Version:
8.x-2.x-dev
Component:
User interface
Priority:
Normal
Category:
Feature request
Assigned:
Unassigned
Reporter:
Created:
14 Dec 2017 at 15:23 UTC
Updated:
27 Jul 2018 at 10:03 UTC
Jump to comment: Most recent, Most recent file
Comments
Comment #2
grimreaperComment #3
grimreaperAs there is already a usage of the basic auth, a way to go through HTTP authentication is to use an user (when creating a remote website entity) for entity share with the same name and password as the HTTP authentication.
I think the RemoteManager::prepareClient method will need a small adaptation but I need to prepare a testing environment.
Comment #5
grimreaperMethod adapted.
But there is a side effect on having a Drupal user with the same name/password as the HTTP authentication: #2842858: Basic Auth module conflicts with server-level "Site Lock" implementations.
There is a workaround for that: https://www.drupal.org/project/basic_auth_global
But then with basic_auth, there is no Session cookie, so no form are submittable.
So integration with another ahtentication method such as Oauth will be required soon.
Comment #6
grimreaperComment #8
grimreaperCommit reverted as there is a side effect when there is no HTTP Authentication.
Comment #9
grimreaperBack to active.
It should be handled when reworking the authentication system: #2856713: Authentication plugins and HTTP authentication
Comment #10
dakwaminePlease check my patch if you need to have basic auth working with entity_share, especially for file fetch on synchronization. I had to add auth credentials to the post request to pass through the authentication.
This may be not ideal but it currently works.
Comment #11
grimreaperHello,
Thanks for the patch
But it seems to be almost the same thing as the commit https://cgit.drupalcode.org/entity_share/commit/?id=698fbfb that I had to revert because of side effects.
Can you please explain the difference?
Also, please change the issue status if needed.
Comment #12
dakwamineHello!
What were your side effects? I have not found any on my install.My install is kind of particular because I have shield + basic_auth + entity_share enabled at the same time.
I did not find your commit before sending this patch but there is a very slight difference between our implementations. In my case, the auth key is not added to the $http_client, but instead appended in the post() method, which looks like to be the recommended way by the guzzle team when using guzzle v4+.
Do you think this would be enough to remove the side effects you have had?(what status would be ideal when exchanging our thoughts on an issue?)
Update: I just remembered the side effect you mentioned. I remember having trouble to use the login form, maybe is it the same side effect you have mentioned?
Comment #13
dakwamineIn my install, entity_share could grab distant files through the basic authentication system by using an existing Drupal user.
The system works fine. The only "drawback", if it is a real one, is that we better not use this user to authenticate as a real user. It would just be a "system" user with a role with a restricted set of rights only for the purpose of entity sharing.
But as I said, this looks definitely not ideal.
Comment #14
grimreaperHello,
Thanks for your answer.
The side effect I encountered is described in comment #5.
I have never used HTTP authentication with shield, I will test it (one day, I don't know when).
(issue status: if there is a patch to review, issue status should be "needs review" :) )
If your patch is working for you, good.
Sorry but I don't have time to test it now and I prefer to have it configurable in the remote config entity. So I will not merge.
Comment #15
grimreaperThe handling will be done in #2856713: Authentication plugins and HTTP authentication.