Jason,

> On Aug 24, 2018, at 4:19 AM, Jason Haar <jason_haar@trimble.com> wrote:
>
> Hi there
>
> I'm wanting to protect otrs behind a SSO apache module (auth_openidc). That module sets a bunch of environment variables that I can see via a PHP script - including of course REMOTE_USER. But otrs doesn't seem to see REMOTE_USER.
>
> I'm using the latest "OTRS Patch level 10" release for CentOS-7. It works fine in standard mode - but trying to flip it to HTTPBasicAuth just causes it to trigger "Login failed! Your user name or password was entered incorrectly".
>
> I then created /opt/otrs/bin/cgi-bin/test.pl to just print out all env variables, and I can see REMOTE_ADDR, SCRIPT_NAME - but not REMOTE_USER
>
> I then copied that perl CGI to /var/www/cgi-bin, and running that *does* show REMOTE_USER. So the config for otrs is different?
>
> I haven't touched CGI before so I'm at a loss to figure out what's gone wrong. Does the otrs install strip it out or something? The install seems to use mod_perl (I can see MOD_PERL defined) - but /var/www/cgi-bin does not use mod_perl (that var isn't showing) - so I suspect that's involved - but I don't know how...
>
> Any ideas? Thanks

Without knowing you configuration mod_auth_openidc it’s hard to say. E.g. did you cover the location /otrs/index.pl with AuthType openid-connect and in which order are the configuration files processed.

- Roy
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs