[horde] alarms - permission denied

Michael Redinger Michael.Redinger at uibk.ac.at
Mon Mar 17 09:30:49 UTC 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

ok, I tried to track this down:

I call the alarm script eg. as root like this:

/usr/bin/php /var/www/html/horde/admin/alarms.php

alarms.php checks if the user has admin permissions:
if (!Auth::isAdmin()) {
    Horde::authenticationFailureRedirect();
}


Now in lib/Horde/Auth.php in function isAdmin, the user is checked:
if (is_null($user)) {
        $user = Auth::getAuth();
}

$user is null (ok because isAdmin is called without arguments), and
getAuth does not find a user because $_SESSION['__auth'] is not set:
if (isset($_SESSION['__auth'])) {
   if (!empty($_SESSION['__auth']['authenticated']) &&
      !empty($_SESSION['__auth']['userId'])) {
      return $_SESSION['__auth']['userId'];
   }
}


So, to be it seems as if $_SESSION['auth'] should be set but is not.
How should the session be correctly set by the alarm script if called
from the command line?


Thanks,
Michael



Jan Schneider wrote:
> Zitat von Michael Redinger <Michael.Redinger at uibk.ac.at>:
> 
>> Jan Schneider schrieb:
>>> Zitat von Michael Redinger <Michael.Redinger at uibk.ac.at>:
>>>
>>>> Using RC3, I tried to run the alarm script again.
>>>> First, I had to set
>>>> $conf['session']['use_only_cookies'] = false;
>>>> Otherwise the script would output the error
>>>> "Session cookies will not work without a FQDN and with a non-empty
>>>> cookie domain. ..."
>>>>
>>>> Now I get the following error message:
>>>> "Fatal Error:
>>>> You are not authenticated."
>>>>
>>>> I am using IMP for the horde authentication.
>>>>
>>>> $conf['auth']['admins'] is set (array of users).
>>>> When you say "And you need to have an administrator defined": Does
>>>> this mean that this
>>>> can be any user?  Or do I need to add a specific user?
>>> Any user.
>>>
>>>> Under which user should the script be run (root, http user, ...)?
>>> Probably makes most sense to use the http user to avoid permission
>>> problems if accessing cache files or temporary files.
>>
>> Ok, I have done that - but the problem (error mesage "not
>> authenticated") remains the same.
>> Any ideas on how to solve this?
> 
> Not if you really have the latest Horde version.
> 
> Jan.
> 


- --
Michael Redinger
Zentraler Informatikdienst (Central IT Services)
Universitaet Innsbruck
Technikerstrasse 13                    Tel.: ++43 512 507 2335
6020 Innsbruck                         Fax.: ++43 512 507 949 02335
Austria                                Mail: Michael.Redinger at uibk.ac.at
BB98 D2FE 0F2C 2658 3780  3CB1 0FD7 A9D9 65C2 C11D
http://homepage.uibk.ac.at/~c102mr/mred-pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFH3jpJD9ep2WXCwR0RAnUKAKDZ0ghkcv/J/cu782Yz8mgSlJXUAACgjRJ5
AoQLTkbMA4nOdHUi9HCcUGQ=
=QUon
-----END PGP SIGNATURE-----

More information about the horde mailing list