[rt-users] External authentication for both unix and windows accounts, RT setup

David Shivak dshivak at metabolex.com
Fri Feb 7 18:00:30 EST 2003


Just posting in case this is helpful for other authentication neophytes.

 

I wanted to enable external authentication for http using PAM with
support for both Windows and unix account authentication.  In my case,
this is what worked:

 

In /etc/config.pm, changed $WebExternalAuth to 1 (true).

 

Alias /tracker /usr/local/apache/rt/WebRT/html

PerlRequire /usr/local/apache/rt/bin/webmux.pl

<Location /tracker>

   AuthPAM_Enabled on

   AuthType Basic

   AuthName "RequestTracker"

   require valid-user

   SetHandler perl-script

   PerlHandler RT::Mason

</Location>

 

Authentication worked, but I got multiple requests for passwords from
the graphics and css loads.  I needed to get rid of authentication for
the NoAuth directory. The following worked:

 

<LocationMatch "/NoAuth">

        Satisfy Any

        Allow from all

</LocationMatch>

 

pam.conf entries are as follows (Solaris 8):

 

httpd   auth    sufficient      /usr/lib/security/$ISA/pam_unix.so

httpd   auth    sufficient      /usr/lib/security/$ISA/pam_smb_auth.so
try_first_pass

httpd   account sufficient      /usr/lib/security/$ISA/pam_permit.so.1

 

Dave S.

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20030207/8ec71d88/attachment.htm>


More information about the rt-users mailing list