[rt-users] mod_auth_tkt
Wes Young
wes at ren-isac.net
Mon Oct 3 16:27:18 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
has anyone had any success with RT 3.8.8+ and mod_auth_tkt?
something changed between 3.8.4 and 3.8.8 that fails to allow the auth_tkt cookie to be passed through and I can't quite figure out what it is. RT::ExternalAuth:: assumes you already have the cookie, but i'm guessing some security fix somewhere dis-allows a cross-site cookie from being planted when you wrap:
<Location /rt>
TKT...
SetHandler perl-script
PerlHandler RT::Mason
</Location>
It works if the cookie is already set, but not if this is the handler that's setting the cookie (tested and works a-OK with the default apache handler).
I've been ripping through the interface handler code and i'm sure i'm missing something stupid here, just getting a bit blurry.
any insight greatly appreciated.
- --
Wes
claimid.com/wesyoung
soc at ren-isac.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
iEYEARECAAYFAk6KGqoACgkQKezpZd226UYaXACfXpI/L6be2fK4ByvufCa7SJT5
7YAAnRUwB+4t4p5VTntsjgYk/I58pL/1
=Pb3C
-----END PGP SIGNATURE-----
More information about the rt-users
mailing list