Hi,

The goal here is to have SSO on RT between a local user directory (AD) and an RT instance installed in the Amazon cloud.
I've set up mod_mellon ( https://code.google.com/p/modmellon/ ) with RT as a relying party on AWS and it works well; I'm able to log in with SSO (IdP used on premise is ADFS). I just had to configure RT with:

    Set($WebExternalAuth , 1);
    Set($WebFallbackToInternalAuth , 1);
    Set($WebExternalAuto , 1);

so it uses the REMOTE_USER variable to log in.

I have three problems now:

- Populating users' info: I think I can get some environment variables out of the SAML token with mod_mellon configuration like this:

      MellonSetEnv "e-mail" "mail"

  But then I don't know how to populate this into RT.
- Logout waits 1 second (default) and goes back to the login page, so I'm authenticated again. I think I need to change the logout link in the code?
- SSO is always used and I'd like a way to do a local login (with root, for example, which is not in our user directory). I'm not sure how to do this yet.

Has anyone played with this and gone further than I did?

Thanks,
-- L.B.
