Hello, First option you described is the way to go, but: 1. Definitely do not edit exiting HTTPBasicAuth module but create your own Auth module (you can create copy of HTTPBasicAuth) Editing default OTRS modules will cause you troubles during upgrades. 2. Cookies are not the best way how to implement SSO, since they can be stolen very easily. Martin Martin Jerga ITSM Consultant Tempest a.s. tel: +421917792942 -----Original Message----- From: otrs [mailto:otrs-bounces@lists.otrs.org] On Behalf Of System Administrator Sent: Saturday, August 20, 2016 8:32 PM To: otrs@lists.otrs.org Subject: [otrs] custom cookie based Frontend::Customer::Auth authentication Hi, In our environment we use Cookies for single sign on. And we have Perl code that extracts the username from the cookie and authenticates the user by checking the signature embedded in the cookie. How can such a cookie based custom SSO work with OTRS? I am not sure if the following starting points would work and what other ways there may be. 1) Is this possible?: set Framework - Frontend::Customer::Auth to "HTTPBasicAuth" and modify Kernel/System/CustomerAuth/HTTPBasicAuth.pm to read the SSO Cookie and set my $User = ... based on the result? How would I obtain the cookie in HTTPBasicAuth.pm ? 2) Or this? : Also set HTTPBasicAuth in OTRS and process the cookie separately in Apache and set REMOTE_USER =making it look like Basic Authentication for OTRS. If yes, how can this be done? Thank you in advance for any tips --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs