[rt-users] [rt-3.6.0] how to customize logout.html to force apache reauthentication ?

Dario Luis Coneglian Oliveros oliveros at cpqd.com.br
Thu Jul 20 10:45:35 EDT 2006


Hi folks,
I've set up RT to use web external authentication via Apache, however I 
could't find a way to force reauthentication after logging out so a 
different user can log in.
It seems like the previous authenticated session is saved and that 
causes my browser (firefox 1.5) not to ask for authentication anymore.
My guess is that Logout.html should be customized to do so, but not sure 
about it. Any guess ?

Here is my apache conf:
<Location /rt>
    Options None
    SetHandler perl-script
    PerlHandler RT::Mason
    ...
    AuthPAM_Enabled on
    AuthName "Request Tracker"
    AuthType Basic
    require valid-user
</Location>
<LocationMatch "/rt/NoAuth">
    Satisfy Any
    Allow from all
</LocationMatch>
<Location /rt/NoAuth/images>
    SetHandler default-handler
</Location>

Here is my RT_SiteConfig.pm
Set($WebExternalAuth , "true");
Set($WebFallbackToInternalAuth , "true");
Set($WebExternalGecos , undef);
Set($WebExternalAuto ,"true");

FYI I used PAM SMB to authenticate against Active Directory and that 
piece is working fine.
Any help will be very appreciated !

Thanks,
Dário





More information about the rt-users mailing list