Projects
Wiki     Timeline     Roadmap     Browse Source     View Tickets     New Ticket     Search

Ticket #239 (new Defect)

Opened 12 months ago

Last modified 12 months ago

Need to support Digest for sudoers always

Reported by: dreid@… Owned by: dreid@…
Priority: 2: Expected Milestone: CalendarServer-2.0
Component: Calendar Server Severity: Security
Keywords: Cc:

Description

Currently we accept sudoer authentication for whatever methods are enabled in the config file, if only kerberos is enabled in the config then sudoers can not authenticate to the calendar server. This causes a 210 error when viewing the web calendar.

Change History

Changed 12 months ago by wsanchez@…

  • reporter changed from wsanchez@… to dreid@…

Auth challenge for Digest should only happen if we know that the request is coming from the wiki server (or another service attempting to auth as a sudo user). This is detectable by the presence of the X-AUTHORIZE-AS header in the request.

Note: See TracTickets for help on using tickets.