Hi Torsten Thanks for your reply and info. I incorrectly understood the functionality of this HTTPBasicAuth. My idea was that I created the right setup for authentication in Perl but i didn't want my user to manually put in their credentials into the boxes and therefore wanted to let them login automatically authenticated against the LDAP (and i thought it was done by perl). If i correctly understand is right now HTTPBasicAuth is the Apache authentication. What's the best setup if i want that Agent's can login automatically with their AD credentials and they do not have to enter anything manually? Thanks in advance. Best, Dave On 12 dec 2009, at 11:41, Torsten Thau wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi Dave,
I just found out that when i enable this rule the complete login is not working anymore. also manually it's now not possible to login.
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
I guess your LDAP-Authenticationbackend is also named "$Self->{'AuthModule'}" (a few lines of your Config.pm would be helpful to analyze the problem)? If so, activating HTTPBasicAuth disables LDAP-Authentication. Using SSO via HTTPBasicAuth requires the user to be authenticated BEFORE accessing ../otrs/index.pl. The authentication needs to be done by the webserver before (e.g. by configuring the webserver to to a basic auth agains a usr-password-file or an LDAP). But then it's thejob of the webservers administrator to configure a working authentication. The authentication itself is not done by OTRS then anymore.
However you can use more than one authentication backend. Just name your LDAP-auth backend $Self->{'AuthModule1'} (and update all corresponding config values as well). OTRS will check first for HTTPBasicAuth and if this fails will offer you the possibility for a manual authentication.
When i try to login automatically with SSO it's not working and the following entries are written in the log: Sat Dec 12 11:14:11 2009 error OTRS-CGI-10 Need UserLogin or UserID! Sat Dec 12 11:14:11 2009 notice OTRS-CGI-10 User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 10.20.203.100).
When i try to login with my credentials username/password manually these lines are also logged,... Sat Dec 12 11:14:31 2009 error OTRS-CGI-10 Need UserLogin or UserID! Sat Dec 12 11:14:31 2009 notice OTRS-CGI-10 User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 10.20.203.100).
When i disable the "$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';" rule again i can login manually...
regards, T.
- -- Torsten Thau, Dipl. Inform. c.a.p.e. IT Labs GbR - Annaberger Str. 240 - D-09125 Chemnitz phone: +49 371 5347 623 cell: +49 176 66 680 680 personal pgp-key: 0x93E0A174 fax: +49 371 5347 625 http://www.cape-it.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAksjc1sACgkQvXo8m5PgoXTNXgCghCcNGXuUkKa5Hz2lNY0wNwLC N78An2z0qZtl6aT+ofMenSAFPzgcnP1R =iubk -----END PGP SIGNATURE----- --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW! http://www.otrs.com/en/support/enterprise-subscription/