Allow disabling IP address checking for authentication
| Reported by: |
idnar <mithrandi@…> |
Owned by: |
Christopher Lenz |
|
Priority:
|
high
|
Milestone:
|
0.9
|
|
Component:
|
general
|
Version:
|
0.7
|
|
Severity:
|
normal
|
Keywords:
|
|
|
Cc:
|
|
Branch:
|
|
|
Release Notes:
|
|
|
API Changes:
|
|
|
Internal Changes:
|
|
This would make it possible for users behind multi-homed proxy servers to auth properly; currently, if your IP address is variable during a session, you are essentially unable to login properly. Making this an option would allow the additional session security for those that want it, but also allow the added convenience and usability at the cost of a little session security.
Change History
(6)
| Milestone: |
→ 0.8
|
| Priority: |
normal → high
|
| Owner: |
changed from Jonas Borgström to utopiste
|
| Status: |
new → assigned
|
| Owner: |
changed from utopiste to Christopher Lenz
|
| Status: |
assigned → new
|
| Resolution: |
→ fixed
|
| Status: |
assigned → closed
|
Not a bad idea. The session module is ip-independent as well (it just uses the cookie).
I propose adding a Authentication section to trac.ini, for stuff like this, sessions and similar.