Subsonic Forum

[lovebags]

I have users logging into Subsonic via LDAP but if I create a link, it bypasses any authentication that usually happens when people login to the server. Is it possible to add the ability to force LDAP users to authenticate when following shared links?

[GJ51]

http://maplegrovepartners.subsonic.org/share/jTTSI

[lovebags]

Thanks Gary, nice way to respond! Yes, I'm guessing that's how it was set-up and is a very handy feature. Thing is, we are using Subsonic to host content that is restricted for certain users so having LDAP enabled on shared links would be very handy. The way we get around it now is to embed the shared link in another window which hides the source URL and users can only get to it by logging in via LDAP.

Ben

[GJ51]

I agree it may be a nice touch on an already useful feature, but for me it seems a bit redundant in that you already have control over who you send the link to. Considering that Sindre has also added the ability to limit the time that the link is active and you can also delete the link at any time does give you quite a bit of security already.

For my psoted response, I just set it to be active for 1 week, then it dies automatically.

Glad you appreciated the response, I just couldn't help myself.

There's always more to learn ...

[lovebags]

The terms of the requirements in place that allow us to offer our users access is that they must authenticate to access the music. If the link was made public and the content freely accessible then we'd be violating those stipulations, irrespective of the expiry or ability to delete, hence the need for authentication on every level.

As you said, it's already a useful feature but it's the one added thing that would be even better for our situation.