Modify ↓
Ticket #507 (closed enhancement: fixed)
Opened 8 years ago
Last modified 5 years ago
Allow disabling IP address checking for authentication
| Reported by: | idnar <mithrandi@…> | Owned by: | cmlenz |
|---|---|---|---|
| Priority: | high | Milestone: | 0.9 |
| Component: | general | Version: | 0.7 |
| Severity: | normal | Keywords: | |
| Cc: | |||
| Release Notes: | |||
| API Changes: | |||
Description
This would make it possible for users behind multi-homed proxy servers to auth properly; currently, if your IP address is variable during a session, you are essentially unable to login properly. Making this an option would allow the additional session security for those that want it, but also allow the added convenience and usability at the cost of a little session security.
Attachments
Change History
comment:1 Changed 8 years ago by daniel
- Milestone set to 0.8
- Priority changed from normal to high
comment:2 Changed 7 years ago by daniel
- Milestone changed from 0.8 to 0.9
comment:3 Changed 7 years ago by utopiste
- Owner changed from jonas to utopiste
- Status changed from new to assigned
comment:4 Changed 7 years ago by cmlenz
- Owner changed from utopiste to cmlenz
- Status changed from assigned to new
Taking over.
comment:5 Changed 7 years ago by cmlenz
- Status changed from new to assigned
comment:6 Changed 7 years ago by cmlenz
- Resolution set to fixed
- Status changed from assigned to closed
Fixed in [1361].
Note: See
TracTickets for help on using
tickets.
Not a bad idea. The session module is ip-independent as well (it just uses the cookie).
I propose adding a Authentication section to trac.ini, for stuff like this, sessions and similar.