Bug #520

HTTP Authentication feature - patch proposed

Added by Anonymous about 15 years ago. Updated about 15 years ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:Common
Target version:0.68

Description

In order to have automatic authentication without having to enter password, you can used the HTTP authentication : authentication is made by http server, and you can retreive login via $_SERVER['REMOTE_USER'].

HTTP authentication can be made with those configuration
IIS and NTLM integration (trivial)
Apache and mod_auth_ntlm
Apache2 and mod_auth_sspi

The patch I proposed make 2 changes :
In index.php, If $_SERVER['REMOTE_USER'] is not empty, then I redirect the user to login.php?login_name=<login>

In login.php, I test at the beginning of the test series if http authentication is active (if I found a valid login in $_SERVER['REMOTE_USER']), then I retrieve all information needed. If I can't, then all the other test are made as initialy.
My test is made before all other because $_POST['login_password'] is empty, and the following test try authenticate user against my active directory (tests failed because of the empty password). Because there is lots of test, and because my Active directory is configured to lock account after 5 failed test, I have rapidly some locked account.

glpi-0.65-http_auth.patch Magnifier (2.97 KB) moyo, 05/08/2006 01:01 PM

History

#1 Updated by moyo about 15 years ago

  • Status changed from New to Closed

Modification will not be integrated for the moment due to its specifity.
$_SERVER['REMOTE_USER'] may be used for others authentification and may cause trouble for others system.
Maybe something more generical may be integrated in the future.

Also available in: Atom PDF