Talk:Kerberos SSO with Active Directory Integration

From Request Tracker Wiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
File:Placeholder

Mod_auth_kerb has an option not to include the realm in the REMOTE_USER. this would mean that you can use the default external auth plugin out of the box (no need to patch)

the relevent config in the apache.conf is:

KrbLocalUserMapping On

~~ not signed

I didn't know of KrbLocalUserMapping, that might come in handy sometimes. Thanks.
Unless I'm missing something, RT::Authen::ExternalAuth does not support authentication agains the Apache REMOTE_USER variable in any case; at best we could remove a few lines of code from my patch.
SuperJediWombat 09:20, November 1, 2011 (UTC)
Retrieved from "https://rt-wiki.bestpractical.com/index.php?title=Talk:Kerberos_SSO_with_Active_Directory_Integration&oldid=4550"