[rt-users] Combining Apache Auth with RT:Authen:External overlays

David Nillesen dnillese at une.edu.au
Thu Oct 8 06:12:14 EDT 2009


For our area which is essentially the datacentre staff, we have a variety of applications, such as nagios, (hopefully) request tracker, a blog, wiki, fileshare etc etc all running of a single webserver that forms the "home" of our activities and documentation.

I'd like to reduce it to a single login to get on and move around freely.

Though even as I explain it, it is going to make more sense with an SSO solution. I might take another look at webauth. It's one more thing to run, but may be simpler in total.

Thanks,
Dave

-----Original Message-----
From: Ruslan Zakirov [mailto:ruslan.zakirov at gmail.com] 
Sent: Thursday, 8 October 2009 6:07 PM
To: David Nillesen
Cc: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] Combining Apache Auth with RT:Authen:External overlays

David,

Do you use some SingleSignOn solution? If it's not the case then why
do you need apache auth at all?

On Thu, Oct 8, 2009 at 4:51 AM, David Nillesen <dnillese at une.edu.au> wrote:
> Hi,
>
>
>
>                 I’ve been trying to get this to work for a bit, but am not
> having any luck.
>
>
>
> o   What I would like is to use Apache authentication via LDAP, so that all
> the apps on our server running RT are using the same auth system.
>
> o   Then I would like to use an LDAP overlay so that users are driven with
> current information from our LDAP system.
>
>
>
> So far, I’ve had RT-Authen-ExternalAuth working, but not in combination with
> Apache Auth. RT External Auth works fine, but forces people to log in
> multiple times to the system,
>
> once for Apache and once for RT. The way users are handled inside
> RT-Authen-ExternalAuth is excellent and ideal for my case.
>
>
>
> Is there any way to tie this to Apache Basic Auth?
>
>
>
> I would use an LDAP overlay, but all the docs seem to have been pulled from
> the wiki and now point back to the RT-Authen-ExternalAuth module.
>
>
>
> I’m running the latest 3.8 RT with 0.08 RT-Authen-ExternalAuth.
>
>
>
> My other option appears to be to use an SSO cookie auth system and protect
> my server that way and get RT-Authen-ExternalAuth to use the cookie. I was
> really trying to avoid this however as it is massive overkill, well IMO.
>
>
>
> Thanks for your time,
>
> Dave
>
>
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>



-- 
Best regards, Ruslan.

No virus found in this incoming message.
Checked by AVG - www.avg.com 
Version: 8.5.421 / Virus Database: 270.14.7/2421 - Release Date: 10/07/09 20:49:00


More information about the rt-users mailing list