Thomas Smith-12 wrote: > > > > Discovered another issue... This one isn't strictly RT-related, I don't > think. > > The email gateway is no longer working. When I configured Apache auth, > I had to do it at the /opt/rt4 level--otherwise, RT would display the > login page without the option to login and SSO wouldn't work. Now the > mail gateway is unable to insert new tickets into the database as the > area it's trying to access is password protected. Are there any > best-practices for lifting the security off of this one directory > (NoAuth only, right?) while maintaining SSO on the remainder of the > system? Every time I exclude this directory from authentication, SSO > breaks. > > > Hi Thomas, I was facing the same problem (and I'm still curios about how to configure Apache using SSO with NTLMv2, but thats another problem;) when I changed the login behavior for Apache. You have to change the Apache config: The NoAuth directories must be excluded from your AD authentication, so you have to set "satisfy any" and "Allow from all" for that directories.
So my Apache config looks like this: [...] <Directory "/opt/rt4/share/html"> --->here goes your Auth config for the users </Directory> <Directory "/opt/rt4/share/html/REST/1.0/NoAuth"> SetHandler modperl PerlResponseHandler Plack::Handler::Apache2 satisfy any allow from all </Directory> <Directory "/opt/rt4/share/html/NoAuth"> SetHandler modperl PerlResponseHandler Plack::Handler::Apache2 satisfy any allow from all </Directory> <Location /REST/1.0/NoAuth> satisfy any allow from all </Location> [...] I'm not completely sure, which of the directories is the right one, but until now it works for me. Hope this helps a bit! Have a nice day! -- View this message in context: http://old.nabble.com/LDAP-authentication-best-practices-tp32585400p32594359.html Sent from the Request Tracker - User mailing list archive at Nabble.com. -------- RT Training Sessions (http://bestpractical.com/services/training.html) * San Francisco, CA, USA October 18 & 19, 2011 * Washington DC, USA October 31 & November 1, 2011 * Barcelona, Spain November 28 & 29, 2011
