u/pc/rhodecode-enterprise-ce-fork-pc Files · docs/auth/auth.rst

security: make sure the admin of repo can only delete comments which are from the same repo....

security: make sure the admin of repo can only delete comments which are from the same repo. - fixes IDOR issue - protects against other people comment deletion by repo admins.

marcink - - Load All Authors

File last commit:

r1:854a839a default


                r1818:1ced1b24

default

Download file

             auth.rst
        
                    37 lines
            
             | 995 B
            
                | text/x-rst
            
             |
                RstLexer
            
             / docs / auth / auth.rst
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        marcink
    
project: added all source files and assets

              r1
            
      .. _authentication-ref:

      Authentication Options

      ======================

      |RCE| provides a built in authentication plugin

      ``rhodecode.lib.auth_rhodecode``. This is enabled by default and accessed

      through the administrative interface. Additionally,

      |RCE| provides a Pluggable Authentication System (PAS). This gives the

      administrator greater control over how users authenticate with the system.

      .. important::

        You can disable the built in |RCM| authentication plugin

        ``rhodecode.lib.auth_rhodecode`` and force all authentication to go

        through your authentication plugin. However, if you do this,

        and your external authentication tools fails, you will be unable to

        access |RCM|.

      |RCM| comes with the following user authentication management plugins:

      .. only:: latex

          * :ref:`config-ldap-ref`

          * :ref:`config-pam-ref`

          * :ref:`config-crowd-ref`

          * :ref:`config-token-ref`

      .. toctree::

          ldap-config-steps

          crowd-auth

          pam-auth

          token-auth

          ssh-connection

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

marcink project: added all source files and assets	r1	.. _authentication-ref:

		Authentication Options
		======================

		\|RCE\| provides a built in authentication plugin
		``rhodecode.lib.auth_rhodecode``. This is enabled by default and accessed
		through the administrative interface. Additionally,
		\|RCE\| provides a Pluggable Authentication System (PAS). This gives the
		administrator greater control over how users authenticate with the system.

		.. important::

		You can disable the built in \|RCM\| authentication plugin
		``rhodecode.lib.auth_rhodecode`` and force all authentication to go
		through your authentication plugin. However, if you do this,
		and your external authentication tools fails, you will be unable to
		access \|RCM\|.

		\|RCM\| comes with the following user authentication management plugins:

		.. only:: latex

		* :ref:`config-ldap-ref`
		* :ref:`config-pam-ref`
		* :ref:`config-crowd-ref`
		* :ref:`config-token-ref`

		.. toctree::

		ldap-config-steps
		crowd-auth
		pam-auth
		token-auth
		ssh-connection