Re: [otrs] REMOTE_USER not available for HTTPBasicAuth
> On Aug 24, 2018, at 7:14 AM, Jason Haar wrote: > > have it over the entire site - ie all Locations. The rpm created > /etc/httpd/conf.d/zzz_otrs.conf - so it's the last conf to be parsed, and it > contains non Auth references - so it should get what everything else gets. > Also, I created "/opt/otrs/bin/cgi-bin/test.pl" and that does not show > REMOTE_USER, but /var/www/cgi-bin/test.pl does I would give it at try to let the openidc config load after zzz_otrs.conf - Roy - OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
Re: [otrs] REMOTE_USER not available for HTTPBasicAuth
Jason, > On Aug 24, 2018, at 4:19 AM, Jason Haar wrote: > > Hi there > > I'm wanting to protect otrs behind a SSO apache module (auth_openidc). That > module sets a bunch of environment variables that I can see via a PHP script > - including of course REMOTE_USER. But otrs doesn't seem to see REMOTE_USER. > > I'm using the latest "OTRS Patch level 10" release for CentOS-7. It works > fine in standard mode - but trying to flip it to HTTPBasicAuth just causes it > to trigger "Login failed! Your user name or password was entered incorrectly". > > I then created /opt/otrs/bin/cgi-bin/test.pl to just print out all env > variables, and I can see REMOTE_ADDR, SCRIPT_NAME - but not REMOTE_USER > > I then copied that perl CGI to /var/www/cgi-bin, and running that *does* show > REMOTE_USER. So the config for otrs is different? > > I haven't touched CGI before so I'm at a loss to figure out what's gone > wrong. Does the otrs install strip it out or something? The install seems to > use mod_perl (I can see MOD_PERL defined) - but /var/www/cgi-bin does not use > mod_perl (that var isn't showing) - so I suspect that's involved - but I > don't know how... > > Any ideas? Thanks Without knowing you configuration mod_auth_openidc it’s hard to say. E.g. did you cover the location /otrs/index.pl with AuthType openid-connect and in which order are the configuration files processed. - Roy - OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs
[otrs] REMOTE_USER not available for HTTPBasicAuth
Hi there I'm wanting to protect otrs behind a SSO apache module (auth_openidc). That module sets a bunch of environment variables that I can see via a PHP script - including of course REMOTE_USER. But otrs doesn't seem to see REMOTE_USER. I'm using the latest "OTRS Patch level 10" release for CentOS-7. It works fine in standard mode - but trying to flip it to HTTPBasicAuth just causes it to trigger "Login failed! Your user name or password was entered incorrectly". I then created /opt/otrs/bin/cgi-bin/test.pl to just print out all env variables, and I can see REMOTE_ADDR, SCRIPT_NAME - but not REMOTE_USER I then copied that perl CGI to /var/www/cgi-bin, and running that *does* show REMOTE_USER. So the config for otrs is different? I haven't touched CGI before so I'm at a loss to figure out what's gone wrong. Does the otrs install strip it out or something? The install seems to use mod_perl (I can see MOD_PERL defined) - but /var/www/cgi-bin does not use mod_perl (that var isn't showing) - so I suspect that's involved - but I don't know how... Any ideas? Thanks -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 - OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/mailman/listinfo/otrs