To disable auth you can use location directives. For mailgate it's good to protect path by IP or host name.
Regards, Ruslan. From phone. 05.10.2011 8:06 пользователь "declaya" <chocoboselp...@gmx.de> написал: > > > Thomas Smith-12 wrote: >> >> >> >> Discovered another issue... This one isn't strictly RT-related, I don't >> think. >> >> The email gateway is no longer working. When I configured Apache auth, >> I had to do it at the /opt/rt4 level--otherwise, RT would display the >> login page without the option to login and SSO wouldn't work. Now the >> mail gateway is unable to insert new tickets into the database as the >> area it's trying to access is password protected. Are there any >> best-practices for lifting the security off of this one directory >> (NoAuth only, right?) while maintaining SSO on the remainder of the >> system? Every time I exclude this directory from authentication, SSO >> breaks. >> >> >> > > Hi Thomas, > I was facing the same problem (and I'm still curios about how to configure > Apache using SSO with NTLMv2, but thats another problem;) when I changed the > login behavior for Apache. > You have to change the Apache config: The NoAuth directories must be > excluded from your AD authentication, so you have to set "satisfy any" and > "Allow from all" for that directories. > > So my Apache config looks like this: > > [...] > <Directory "/opt/rt4/share/html"> > --->here goes your Auth config for the users > </Directory> > > <Directory "/opt/rt4/share/html/REST/1.0/NoAuth"> > SetHandler modperl > PerlResponseHandler Plack::Handler::Apache2 > satisfy any > allow from all > </Directory> > > <Directory "/opt/rt4/share/html/NoAuth"> > SetHandler modperl > PerlResponseHandler Plack::Handler::Apache2 > satisfy any > allow from all > </Directory> > > <Location /REST/1.0/NoAuth> > satisfy any > allow from all > </Location> > [...] > > I'm not completely sure, which of the directories is the right one, but > until now it works for me. > Hope this helps a bit! > > Have a nice day! > -- > View this message in context: http://old.nabble.com/LDAP-authentication-best-practices-tp32585400p32594359.html > Sent from the Request Tracker - User mailing list archive at Nabble.com. > > -------- > RT Training Sessions (http://bestpractical.com/services/training.html) > * San Francisco, CA, USA October 18 & 19, 2011 > * Washington DC, USA October 31 & November 1, 2011 > * Barcelona, Spain November 28 & 29, 2011
-------- RT Training Sessions (http://bestpractical.com/services/training.html) * San Francisco, CA, USA October 18 & 19, 2011 * Washington DC, USA October 31 & November 1, 2011 * Barcelona, Spain November 28 & 29, 2011