[dev] Problem wiht Basic Auth

Fri, 12 Feb 2010 03:31:47 -0800 

Hi All,

My goal is to authenticate agents using integrated windows authentication and 
use database backend to store their accounts (group membership and so on).  We 
cannot use passwords as we use smartcards to authenticate in windows domain.

I've deployed clean OTRS 2.4.7 setup under IIS and MSSQL. All settings in 
Config.pm are defaults except that are needed to use MSSQL. I've created user 
in database (let's say qqq) which is member of admin and users groups. After 
that I've added these two strings into Config.pm:
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'DOMAIN\\';

Next I set IIS to use integrated windows authentication, so REMOTE_USER 
environment variable will be set to the user who is authenticated by IIS, for 
example DOMAIN\qqq.  As I understand architecture of OTRS it is allowed to do 
this way.
But when I try to enter agent's interface I got these errors:
Message: Need UserLogin or UserID!
 Traceback (3364):
   Module: Kernel::System::User::UserLookup (v1.94) Line: 668
   Module: Kernel::System::Auth::Auth (v1.42) Line: 261
   Module: Kernel::System::Web::InterfaceAgent::Run (v1.43.2.1) Line: 192
   Module: c:\inetpub\wwwroot\bin\cgi-bin\index.pl (v1.88) Line: 48

Digging into source code I've found that Atuh.pm expects that $Param{User} 
variable should be set somewhere before the call of UserLookup at line 261. If 
I add Param{User}=$User  at line 260 everything is working well.

So, is it a bug, or I do something wrong?

TIA
---------------------------------------------------
Leonid S. Korokh
CIO
Aladdin Software Security R.D.

Phone: +7 (495) 223-0001 (30 lines)
Phone: +7 (495) 988-4640
Fax: +7 (495) 646-0882
E-mail: [email protected]<mailto:[email protected]>
Web: www.aladdin.ru<http://www.aladdin.ru/>


---------------------------------------------------------------------
OTRS mailing list: dev - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/dev
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/dev

NEW! ENTERPRISE SUBSCRIPTION - Get more information NOW!
http://www.otrs.com/en/support/enterprise-subscription/

Reply via email to