Alternate authentication

Added by Mark Thomas over 9 years ago

I need to add support for running redmine behind a proxy that does the authenticating. Redmine doesn't need to handle it, just pick it up from an environment variable set by the proxy.

At first, I patched the application controller and replaced find_current_user with basically a find_or_create method for a user, instantly considering you logged in. The problem with that is that you cannot Sign Out or log in as someone else. There may be other problems that crop up as well, since that is not a very clean way of doing it.

So I'd like to improve on this. I created an AuthSourceProxy class, extending AuthSource, much like AuthSourceLDAP does. I was hoping that I could somehow register this new auth source. However, the code in auth_sources_controller can only create a new Ldap auth source. Perhaps this can be improved in a few ways:

  • tweak AuthSource so that it is a true abstract class and doesn't presuppose LDAP.
  • modify auth_sources_controller so that one can create or register a new auth source.
  • modify the authentication settings so that an admin can choose which Auth Source type to use.

What do you think?

Replies (3)

RE: Alternate authentication - Added by Pankaj Jangid about 9 years ago

Hi Mark

This is a very much required feature. Mark, are you aware of any hack to customize the authentication source. I have my own database of users/passwds. And I want to authenticate against that database.


RE: Alternate authentication - Added by Overmind Eternal Will almost 9 years ago

I know this is not the features request area but,
+1 for an authentication plugin against a source database. :P