[rt-users] Re: External Authentication: HowTo - Help needed.
Les Mikesell
les at futuresource.com
Mon Jul 25 12:20:29 EDT 2005
On Fri, 2005-07-22 at 22:37, Manfred Koroschetz wrote:
> The usual way is to either use Apache's basic authentication or load
> an apache module that authenticates the way you want and sets
> REMOTE_USER accordingly. I am using mod_auth_pam on a RedHat box
> which is configured to use either local system accounts or check
> against a Windows domain but anything that works with apache should
> work with RT.
>
> A: I understand, but am not sure that any mod_auth_pam would work for
> our project. Now from your description it seems that you don't have a
> problem with your environment and you use REMOTE_USER through
> mod_auth_pam and a Windows domain controller.
There are a variety of mod_auth_xxx modules that might work for
you. Mod_auth_pam isn't included with the RH/fedora distributions
but meshes nicely with the system authentication for email accounts,
etc. and can stack several different methods. The point is that
using basic authentication at the apache level works because it sets
REMOTE_USER on every page because the browser resends the credentials.
Your earlier comments made me think you expected a php application
session login to work with subsequent perl pages. It won't, unless you
do something to duplicate the session mechanism on the perl side.
> My questions arer:
>
> —>Are you using RT 3.4.2 ?
I have a 2.x and a 3.2.2 installation working this way. My 3.4.2
isn't completely working yet but does get to the point of showing the
logged in user correctly in the top right. Basic authentication
is pretty generic and the same also works with some other web apps
that I have configured for external authentication.
> —>Did you have to do anything else, other then change your
> RT_Siteconfig.pm ?
Part of configuring basic authentication for apache is to
require valid-user
for the relevant location in httpd.conf. That makes the
browser prompt for the login and resend it for subsequent
pages.
--
Les Mikesell
les at futuresource.com
More information about the rt-users
mailing list