Talk:Kerberos SSO with Active Directory Integration
Mod_auth_kerb has an option not to include the realm in the REMOTE_USER. this would mean that you can use the default external auth plugin out of the box (no need to patch)
the relevent config in the apache.conf is:
~~ not signed
- I didn't know of KrbLocalUserMapping, that might come in handy sometimes. Thanks.
- Unless I'm missing something, RT::Authen::ExternalAuth does not support authentication agains the Apache REMOTE_USER variable in any case; at best we could remove a few lines of code from my patch.
- SuperJediWombat 09:20, November 1, 2011 (UTC)