https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292008-05-31T14:15:57ZRedmineRedmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=30662008-05-31T14:15:57ZAlon Bar-Lev
<ul></ul><p>This is also required for kerberos authentication.</p>
<p>If the application run under apache, it should be able to receive the user from environment.</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=55402008-11-11T09:38:05ZJean-Philippe Langjp_lang@yahoo.fr
<ul><li><strong>Target version</strong> deleted (<del><i>0.8</i></del>)</li></ul> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=65162009-01-07T21:32:59ZAlon Bar-Lev
<ul></ul><p>This is simple, as I don't know ruby I cannot promis it is the best solution.<br />But you can have configuration option for a request variable to take the user from.<br />In order to support basic authentication (kerberos or SSL) under apache with mod_rails, I only had to do the following:</p>
<pre><code class="ruby syntaxhl"> <span class="c1"># Returns the current user or nil if no user is logged in</span>
<span class="k">def</span> <span class="nf">find_current_user</span>
<span class="o">+</span> <span class="k">if</span> <span class="n">request</span><span class="p">.</span><span class="nf">env</span><span class="p">[</span><span class="s2">"REMOTE_USER"</span><span class="p">]</span>
<span class="o">+</span> <span class="p">(</span> <span class="no">User</span><span class="p">.</span><span class="nf">find_by_login</span><span class="p">(</span><span class="n">request</span><span class="p">.</span><span class="nf">env</span><span class="p">[</span><span class="s2">"REMOTE_USER"</span><span class="p">])</span> <span class="k">rescue</span> <span class="kp">nil</span><span class="p">)</span>
<span class="o">-</span> <span class="k">if</span> <span class="n">session</span><span class="p">[</span><span class="ss">:user_id</span><span class="p">]</span>
<span class="o">+</span> <span class="k">elsif</span> <span class="n">session</span><span class="p">[</span><span class="ss">:user_id</span><span class="p">]</span>
<span class="c1"># existing session</span>
<span class="p">(</span><span class="no">User</span><span class="p">.</span><span class="nf">active</span><span class="p">.</span><span class="nf">find</span><span class="p">(</span><span class="n">session</span><span class="p">[</span><span class="ss">:user_id</span><span class="p">])</span> <span class="k">rescue</span> <span class="kp">nil</span><span class="p">)</span>
</code></pre>
<p>As <a href="http://www.redmine.org/boards/2/topics/show/127" class="external">[1]</a> wanted to have a different variable... So I guess the actual string may be configurable.</p>
<p>This is very important for enterprise deployment, please set milestone.</p>
<p>Thanks!</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=78392009-03-06T09:40:47ZJan Ivar Beddari
<ul></ul><p>Very much agree.</p>
<p>We use this together with mod_auth_kerb</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=97792009-06-15T14:06:11ZRenno Reinurm
<ul></ul><p>I'm also interested to have external authentication support using Kerberos.</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=135262010-01-12T14:14:55ZAnthony Topper
<ul></ul><p>I'd like to see Kerberos support added as well.</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=167082010-05-14T05:04:46ZStanislav German-Evtushenko
<ul></ul><p>I'm agree. It would be nice to be able to use Kerberos authentication.</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=167422010-05-14T22:44:46ZBrian Wells
<ul></ul><p>I've added a custom external authenticator to Redmine by means of a plugin that modifies the Authentication Sources view to include something other than LDAP.</p>
<p><a class="external" href="http://www.redmine.org/projects/redmine/wiki/Plugin_List/#Mac-OS-X-Identity-Services-plugin">http://www.redmine.org/projects/redmine/wiki/Plugin_List/#Mac-OS-X-Identity-Services-plugin</a></p>
<p>It would be helpful if there was a more standard way to add a subclass of AuthSource and a custom form for it, but what I've done so far works fine.</p>
<p>-- Brian Wells</p> Redmine - Feature #1131: Add support for alternate (non-LDAP) authenticationhttps://www.redmine.org/issues/1131?journal_id=169282010-05-23T03:13:43ZEric Davis
<ul><li><strong>Category</strong> set to <i>Accounts / authentication</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>Closed</i></li><li><strong>Assignee</strong> set to <i>Eric Davis</i></li><li><strong>Target version</strong> set to <i>1.0.0 (RC)</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li><li><strong>Resolution</strong> set to <i>Fixed</i></li></ul><p>I've change AuthSource so it can now be extended to support other external auth sources (i.e. removed the LDAP assumption). An example of how to add a new AuthSource can be seen in my <a href="http://github.com/edavis10/redmine_sso_client" class="external">redmine_sso_client</a> plugin. It adds a new AuthSource model, controller, form, and a menu item.</p>
<p><a class="changeset" title="Remove hard coded LDAP log message." href="https://www.redmine.org/projects/redmine/repository/svn/revisions/3743">r3743</a>, <a class="changeset" title="Refactor AuthSourcesController to support non-LDAP sources. #1131" href="https://www.redmine.org/projects/redmine/repository/svn/revisions/3744">r3744</a>, <a class="changeset" title="Allow AuthSources to control if they allow password changes." href="https://www.redmine.org/projects/redmine/repository/svn/revisions/3745">r3745</a></p>