Go Back   vb.org Archive > vBulletin Modifications > Archive > vB.org Archives > vBulletin 3.0 > vBulletin 3.0 Beta Releases

Reply
 
Thread Tools
HTTP Basic Authentication against vB-Accounts Details »»
HTTP Basic Authentication against vB-Accounts
Version: 1.00, by Andreas Andreas is offline
Developer Last Online: Jan 2023 Show Printable Version Email this Page

Version: 3.0.0 Rating:
Released: 02-12-2004 Last Update: Never Installs: 14
Is in Beta Stage  
No support by the author.

Seeing all those "user integration" requests over and over again I made a small "hack" (not really as no tables, templates or files are modified ) that might be useful if you want to give access to non-forum content based on forum accounts:

HTTP Basic Authentication against vB user table
------------------------------------------------

This "hack" allows you to use HTTP Basic authentication
(password protected directories) based upon vB accounts.

Update Version 0.2
------------------
I've added a configuration option to the .htaccess so
you can specify which usergroup (only one for the moment)
you want to grant access.
If you don't need this feature just leave the line commented out.

Requirements
------------
- vBulletin 3 (at least the user table)
- Apache/mod_perl compiled with support for PerlAuthenHandler
- Basic Authentication feature enabled to be used in .htaccess

Installation
------------
1) Edit vBAuth.pm, fill in the configuration settings (database, etc.)
2) Put vBAuth.pm in your Perl Apache-Moduls directoy
3) (Optional) Edit .htaccess to meet your requirements
4) Put .htaccess in the directory you want to protect

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.

Comments
  #22  
Old 03-06-2004, 03:50 PM
Andreas's Avatar
Andreas Andreas is offline
 
Join Date: Jan 2004
Location: Germany
Posts: 6,863
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

No. This hack will only work with Apache (who uses IIS anyway ^.^).

For IIS and ISAPI Authentication Filter would be required.
I am not all familiar with IIS (haven't used it yet) but i'll try to write one, although this might take some days.
Reply With Quote
  #23  
Old 03-06-2004, 04:24 PM
Chrissicom's Avatar
Chrissicom Chrissicom is offline
 
Join Date: Mar 2004
Location: Austria / Germany
Posts: 43
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

would be great to have this working with IIS
Reply With Quote
  #24  
Old 03-11-2004, 04:37 AM
Rampag33's Avatar
Rampag33 Rampag33 is offline
 
Join Date: Jun 2002
Location: Houston, Texas
Posts: 162
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Great mod. Will have to wait to see if the admin has the mod_perl compiled.
Reply With Quote
  #25  
Old 03-11-2004, 01:02 PM
Yoshy Yoshy is offline
 
Join Date: Aug 2003
Location: Canada
Posts: 23
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Bug:
1st line of vBAuth.pm is package Apache::vBAuth2;
In the .htaccess it's PerlAuthenHandler Apache::vBAuth

You might want to put PerlAuthenHandler Apache::vBAuth2 in the htaccess


Also on my server I had to remove PerlOptions +GlobalRequest to make it work.

This is perfect for my test forum ! Thanks
[high] * Yoshy installs ![/high]
Reply With Quote
  #26  
Old 03-11-2004, 04:41 PM
Rampag33's Avatar
Rampag33 Rampag33 is offline
 
Join Date: Jun 2002
Location: Houston, Texas
Posts: 162
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

don't have that module install or I would install it. Damn and I was so close.
Reply With Quote
  #27  
Old 04-15-2004, 07:45 PM
my username my username is offline
 
Join Date: Apr 2004
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

So much for all the work the vb team has spent on making the application as secure as possible (application-level security).

HTTP basic auth. (http://www.ietf.org/rfc/rfc2617.txt) sends the password in clear text for every HTTP-request made to the server (when using cookies you're at least able transfer a hashed version of the password for each request)...this is why the W3C tell you NOT to use HTTP basic auth.

Why not just include/require global.php in the scripts that are "off-forum"?

http://www.w3.org/Security/Faq/wwwsf2.html
http://www.xiven.com/sourcecode/digestauthentication
Reply With Quote
  #28  
Old 11-15-2004, 02:49 AM
JohnBee JohnBee is offline
 
Join Date: Oct 2004
Posts: 544
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Any chance this mod will get out of beta?
I want to install it on my server but the admins will not add beta material
on serverside.
Reply With Quote
  #29  
Old 11-15-2004, 03:06 AM
AN-net's Avatar
AN-net AN-net is offline
 
Join Date: Dec 2003
Location: AnimationTalk.com
Posts: 2,367
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

wow great hack!!! wish i had root access
Reply With Quote
  #30  
Old 11-15-2004, 03:36 AM
HiDeo's Avatar
HiDeo HiDeo is offline
 
Join Date: Oct 2003
Posts: 306
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Nice jobs, thanks
Reply With Quote
  #31  
Old 11-16-2004, 10:16 AM
JohnBee JohnBee is offline
 
Join Date: Oct 2004
Posts: 544
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

My hosting company will not add any Beta files to there serverside
modules, can you tell me if you have any plans of moving this to
full release anytime soon?
Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 08:42 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04492 seconds
  • Memory Usage 2,292KB
  • Queries Executed 25 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (6)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (3)pagenav_pagelink
  • (11)post_thanks_box
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete