-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Dave,
I just found out that when i enable this rule the complete login is not working anymore. also manually it's now not possible to login.
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
I guess your LDAP-Authenticationbackend is also named "$Self->{'AuthModule'}" (a few lines of your Config.pm would be helpful to analyze the problem)? If so, activating HTTPBasicAuth disables LDAP-Authentication. Using SSO via HTTPBasicAuth requires the user to be authenticated BEFORE accessing ../otrs/index.pl. The authentication needs to be done by the webserver before (e.g. by configuring the webserver to to a basic auth agains a usr-password-file or an LDAP). But then it's thejob of the webservers administrator to configure a working authentication. The authentication itself is not done by OTRS then anymore. However you can use more than one authentication backend. Just name your LDAP-auth backend $Self->{'AuthModule1'} (and update all corresponding config values as well). OTRS will check first for HTTPBasicAuth and if this fails will offer you the possibility for a manual authentication.
When i try to login automatically with SSO it's not working and the following entries are written in the log: Sat Dec 12 11:14:11 2009 error OTRS-CGI-10 Need UserLogin or UserID! Sat Dec 12 11:14:11 2009 notice OTRS-CGI-10 User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 10.20.203.100).
When i try to login with my credentials username/password manually these lines are also logged,... Sat Dec 12 11:14:31 2009 error OTRS-CGI-10 Need UserLogin or UserID! Sat Dec 12 11:14:31 2009 notice OTRS-CGI-10 User: No $ENV{REMOTE_USER} or $ENV{HTTP_REMOTE_USER} !(REMOTE_ADDR: 10.20.203.100).
When i disable the "$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';" rule again i can login manually...
regards, T. - -- Torsten Thau, Dipl. Inform. c.a.p.e. IT Labs GbR - Annaberger Str. 240 - D-09125 Chemnitz phone: +49 371 5347 623 cell: +49 176 66 680 680 personal pgp-key: 0x93E0A174 fax: +49 371 5347 625 http://www.cape-it.de -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAksjc1sACgkQvXo8m5PgoXTNXgCghCcNGXuUkKa5Hz2lNY0wNwLC N78An2z0qZtl6aT+ofMenSAFPzgcnP1R =iubk -----END PGP SIGNATURE-----