[rt-users] Re: Apache authentication, then RT authentication?
deejoe at iastate.edu
deejoe at iastate.edu
Thu Nov 14 15:49:34 EST 2002
On Tue, Aug 13, 2002 at 12:10:27PM -0700, Gretchen K. Wagner wrote:
> On Mon, 12 Aug 2002 deejoe at iastate.edu wrote:
>
> > (Apologies if this belabors the point. Corrections, as always, welcome.)
>
> Quite excellent summary of Things As They Are with regards to this situation
> :) FWIW, yes, all accounts are configured, all accounts have passwords, and
> I've tried various combinations of same/different passwords for the
> krb/unix/rt accounts (all same username).
>
> > Another caveat: Cookies are used for RT's built-in authentication. When
> > external authentication is configured, no cookies are generated. Therefore
> > it effectively becomes impossible to log out without closing the browser
> > session and wiping the cache since http basic authentication can never be
> > canceled or expired otherwise. This behavior (no cookies from RT) may have
> > changed with more recent RT versions, I don't know.
>
> I think this may be the sticking point. RT2 appears to accept the external
> authentication, but it doesn't proceed beyond that initial page. Perhaps RT2
> still wants cookies, but they're not being generated as part of the Apache
> basic auth. Hrm...
Am wondering if anyone ever solved this problem. I'm still running v1 RT
installation. Now that I've migrated it to new hardware twice, I'm finally
feeling like I might be up to upgrading to RT2 at some point.
Hearing that the problem described above has been solved would be further
encouragement towards that.
Regards,
--Joe
More information about the rt-users
mailing list