ltib
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ltib] ppp wget authentication

From: Stuart Hughes
Subject: Re: [Ltib] ppp wget authentication
Date: Fri, 24 Aug 2012 08:59:00 +0100
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.28) Gecko/20120313 Lightning/1.0b2 Thunderbird/3.1.20 
Hi Mike,
On the authentication stuff, it depends what you mean. If you want to restrict access you could do this on the server side and use Apache "allow from" clauses, another mechanism would be to use one of the HTTP auth methods, basic (which is almost useless) or md5, which isn't bad. The other thing you could do is to use a server side script. For example, the LTIB GPP access is intercepted by mod_rewrite and a script is run, this is used to limit the bandwidth per hour per IP requests. You could do something similar for auth.
I'm a bit wary about adding any auth mechanism into LTIB, because whichever one is put in, it won't be the one user xyz wants, so that will get added and it could all get horribly out of control. However, I've no real objections to adding %ppp_opts etc. It really depends on what you intend to do with them. What kind of auth mechanism did you have in mind?
So far as WGETRC goes, this is another tricky issue. On the one hand I don't really want to prevent people having some control by setting this to some override value that doesn't kill LTIB, on the other hand you're right that potentially bad values could cause it to kill ltibs wgets. 

Regards, Stuart

On 23/08/12 13:36, Mike Goins wrote:

I maintain a local gpp and ppp.  I use the gpp for FOSS items and keep
a few vendor items in the ppp.  This allows the gpp to be publicly
available, but the ppp is only accessible on the company network.
However, I would like to put some sort of authentication on the ppp
and make it external facing.   This would allow moving my continuous
integration systems off-site.

There doesn't appear to any method to put credentials in ltib, so I am
looking at a way to add. What I have come up with so far.

Add new configs to .ltibrc to allow site specific opts:
%gpp_opts
%ppp_opts

In get_remote_file(), since it iterates over the pp list, append these
options to the wget_opts.


Seem OK?  Has anyone else used or tried authentication?


Side note:   Shouldn't ltib be setting the WGETRC environment variable
anyway, even if to a non-existent location?   ltib uses the host built
/opt/ltib/usr/bin/wget, so it would seem prudent to avoid getting the
user's .wgetrc which may interfere with the the parameters ltib has
set up or add parameters that ltib "skips".
reply via email to
[Prev in Thread] Current Thread [Next in Thread]