Improvements for authentication using REMOTE_USER

Review Request #412 — Created June 12, 2008 and discarded — Latest diff uploaded


Review Board SVN (deprecated)


This patch aims to increase awareness of a specific need related to the use of Review Board in a corporate environment: the use of single sign on logins. In this case, the user authenticates once and the Apache server communicates the user name to Review board through Django. There is no more need for login and logout links as authentication is done when the user logs in its terminal or through its browser.

Because the current patch waiting for inclusion into Django's repository does not provide for a system to detect that web authentication is performed, a new variable called WEBAUTH is introduced in "settings". Its use in the template is straightforward. The manner in which the detection of web authentication is inelegant. Maybe this patch can be improved or maybe it is preferable to improve the patch for Django.
The change (with commented out code activated) have been deployed on my company servers which runs with the latest patch (t689-r7609.diff) for Django ticket #689. Review board is installed on a Centos 5 Apache box. It works properly.