[rt-users] external authentication
Bruce Campbell
bruce_campbell at ripe.net
Wed Feb 27 12:55:45 EST 2002
On Wed, 27 Feb 2002, Gary Stainburn wrote:
> Can RT use external username/password authentication modules?
Yes. You will need to write a bit of code (to call your other code) to
sit within your config.pm to do so, flip the appropriate clearly-labled
switches within there, and it should work.
> I've got an AIX4.2 system that everyone has an account on. I'm developing an
> in-house inetd based authentication system so that I can then use it in a
> number of distributed systems we have within the group - one
> username/password per user regardless of which system or app they are using.
Urm. Do not pass passwords in the clear. Basic security. Run your RT
instance over SSL if possible, interface with your external authentication
using shared keys between the RT box and the auth box, apply limits on
your auth boxes on the number of password attempts per time unit, but do
not repeat the problems of telnet, imap, pop, etc etc ;)
Regards,
--
Bruce Campbell RIPE
Systems/Network Engineer NCC
www.ripe.net - PGP562C8B1B Operations
More information about the rt-users
mailing list