
I have not yet got a complete set of patches to do this properly but I wondered what the chances of getting this added to some future version were. We use an internal web server with authentication done by Apache for most of our systems. Since we only allow internal access to OTRS I patched it to pickup the username from the CGI REMOTE_USER environment variable and completely skip the login screen. Anyway here is a patch to index.pl to enable pre-authentication. Note this is just for comment as not tied into Config.pm yet. You still need to create the users in otrs which match the Apache REMOTE_USER names. If you need to switch users in same web session then the Logout link will actually get to the Login screen. -- Phil Davis IT Action *** ../../otrs/otrs/bin/cgi-bin/index.pl Thu Apr 17 19:28:45 2003 --- otrs/bin/cgi-bin/index.pl Mon Mar 24 02:40:16 2003 *************** *** 36,43 **** # -- my $Debug = 0; - my $preauth_enabled = 1; - # -- # check @INC for mod_perl (add lib path for "require module"!) # -- --- 36,41 ---- *************** *** 167,177 **** } } - if ($preauth_enabled && (!$Param{SessionID})) { - # automatic login if first visit - $Param{Action} = 'Login'; - } - # -- # check request type # -- --- 165,170 ---- *************** *** 179,204 **** # -- # get params # -- - my $preauth = 0; my $User = $CommonObject{ParamObject}->GetParam(Param => 'User') || ''; my $Pw = $CommonObject{ParamObject}->GetParam(Param => 'Password') || ''; - - - if ($preauth_enabled && ($User eq "") && ($ENV{REMOTE_USER} ne "")) { - $User = lc($ENV{REMOTE_USER}); - $preauth = 1; - } # -- # create AuthObject # -- my $AuthObject = Kernel::System::Auth->new(%CommonObject); - # -- # check submited data # -- ! if (($preauth_enabled && $preauth) ! || ($AuthObject->Auth(User => $User, Pw => $Pw) )) { # -- # get user data # -- --- 172,188 ---- # -- # get params # -- my $User = $CommonObject{ParamObject}->GetParam(Param => 'User') || ''; my $Pw = $CommonObject{ParamObject}->GetParam(Param => 'Password') || ''; # -- # create AuthObject # -- my $AuthObject = Kernel::System::Auth->new(%CommonObject); # -- # check submited data # -- ! if ( $AuthObject->Auth(User => $User, Pw => $Pw) ) { # -- # get user data # -- *************** *** 519,534 **** %CommonObject, %Param, ); ! ! if ($preauth_enabled) { ! # automatic re-login ! $Param{RequestedURL} = $CommonObject{LayoutObject}->LinkEncode($Param{RequestedURL}); ! print $CommonObject{LayoutObject}->Redirect( ! ExtURL => 'https://home.hq.itaction.net/~otrs/index.pl'. ! "?Action=Login&RequestedURL=$Param{RequestedURL}", ! ); ! } ! elsif ($CommonObject{ConfigObject}->Get('LoginURL')) { # -- # redirect to alternate login # -- --- 503,509 ---- %CommonObject, %Param, ); ! if ($CommonObject{ConfigObject}->Get('LoginURL')) { # -- # redirect to alternate login # --

Hi Phil, On Thu, Apr 17, 2003 at 07:38:34PM +0100, Phil Davis wrote:
I have not yet got a complete set of patches to do this properly but I wondered what the chances of getting this added to some future version were.
We use an internal web server with authentication done by Apache for most of our systems. Since we only allow internal access to OTRS I patched it to pickup the username from the CGI REMOTE_USER environment variable and completely skip the login screen. [...]
Wow! :-o Cool! I add your patch to the OTRS CVS head (not 1.1). Thanks!!! Martin -- Martin Edenhofer - <martin at edenhofer.de> - http://martin.edenhofer.de/ -- Noch 145 Tage bis zum Gäubodenvolksfest! ;-)
participants (2)
-
Martin Edenhofer
-
Phil Davis