Disable password confirmation when using SSO (reverse proxy) authentication #982

Closed
opened 2025-11-02 03:44:16 -06:00 by GiteaMirror · 3 comments

Originally created by @kuklinistvan on GitHub (Aug 20, 2017).

  • Gitea version (or commit ref):
  • Git version: 1.1.3
  • Operating system: Arch Linux
  • Database (use [x]):
    • [x] PostgreSQL
    • [ ] MySQL
    • [ ] MSSQL
    • [ ] SQLite
  • Can you reproduce the bug at https://try.gitea.io:
    • [ ] Yes (provide example URL)
    • [x] No
    • [x] Not relevant
  • Log gist: (?)

Description

I've set up a Gitea instance and configured it to authenticate users against mod_auth_kerb with these options to provide SSO service:

REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
ENABLE_REVERSE_PROXY_AUTHENTICATION    = true
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = true

In Apache vhosts configuration:

...
        RequestHeader set X-WEBAUTH-USER expr=%{REMOTE_USER}
...

Now, as expected, I cannot use any functions that require password confirmation as my Gitea instance is not prepared to be aware of using this external authentication source. A solution would be to disable password confirmation, I guess. (had a similar issue with NextCloud)

Screenshots

Password confirmation

GiteaMirror added the issue/duplicate label 2025-11-02 03:44:16 -06:00

@strk commented on GitHub (Aug 20, 2017):

Same problem exists when using other password-less authentication means (OAuth2, OpenID).

If I'm not wrong there's an open issue about dealing with that.


@strk commented on GitHub (Aug 20, 2017):

#1036 is the previous discussion ticket


@lafriks commented on GitHub (Aug 20, 2017):

Closing as duplicate for #1036

Reference: github-starred/gitea#982