| Key: |
CHD-212
|
| Type: |
New Feature
|
| Status: |
Resolved
|
| Resolution: |
Fixed
|
| Assignee: |
Unassigned
|
| Reporter: |
Laurent Grilli
|
| Votes: |
3
|
| Watchers: |
1
|
Clone this issue
|
|
If you were logged in you would be able to see more operations.
|
|
|
Original Estimate:
|
Unknown
|
Remaining Estimate:
|
Unknown
|
Time Spent:
|
Unknown
|
|
Issue Links:
|
Related To
|
|
|
|
This issue is related to:
|
|
CHD-183
Finish re-implementing LDAP authentic...
|
|
|
|
|
|
A try has been made to implement external auth, please see :
http://www.wgmdev.com/jira/browse/CERB-228
But we didn't succeed to get it working, will it be supported in 4.0 ?
I copy paste the old issues
A nice feature for cerberus would be to authenticate user via an external authentication module, i know that the actual approach is to use a module plugin for the cerberus support center. This may be adequate for the gui as well.
I would like to share another way that another opensource project use:
We are using a product call ipplan see http://sourceforge.net/projects/iptrack (GPL), this product was also using an internal user database with specific rights. I like the way that the developer has done for allowing other authentication, simply by putting in a config file a AUTHENTICATE_EXTERNAL=TRUE
The ipplan look after a php REMOTE_USER variable (For more info see doc http://iptrack.sourceforge.net/documentation/x391.html)
Via this method , we have provided via an apache module (mod_auth_kerb could be mod_auth_ldap) a SPNEGO authentication via Firefox and IE against our Active Directory (Kerberos) , the module authenticate and pass the info to the php application, we just need to match the username inside the application to match the one returned by the REMOTE_USER (in this case a Kerberos User)
Regards
|
|
Notify user when complete: QJM-49285-732
This has been implemented in 5.x
|
|
External Authentication