MantisBT

View Issue Details Jump to Notes ] Wiki ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008912mantisbtauthenticationpublic2008-02-21 08:152013-02-04 16:26
Reporterabrion 
Assigned To 
PrioritynormalSeveritytweakReproducibilityN/A
StatusnewResolutionopen 
PlatformWINDOWSOSOS Version
Product Version1.1.1 
Target VersionFixed in Version 
Summary0008912: A small modification allows to do Windows integrated authentication with mantis and IIS
DescriptionConfiguration
- IIS 6 with mandatory authentication (unchek "Enable anonymous access" for the site/directory)
- Mantis 1.1.1 with modifications (modifed files attached to this report)
- config_inc.php contains
    $g_login_method = WINDOWS_AUTH;
    $g_allow_signup = OFF;
    $g_lost_password_feature = OFF;

Now
- users do not need to enter neither id/name nor password
- admin has to manually enter the accounts of people allowed to use mantis (windows login, not password)
- you can give the URL .../mantis/login.php so that people don't even see the login page
Additional InformationIIS does authentication.
PHP gets the user's login from CGI param AUTH_USER.
ID/Password check from SQL is by-passed.

I did not try with PHP as ISAPI filter so I don't know if the trick works in this case

I work with PHP as CGI (attach ...\php-cgi.exe to the .php extension in IIS Application Configuration)

And remember: do not use a site name with an underscore if the browser is IE (see http://bugs.mantisbt.org/view.php?id=5886; [^] I had to ask for a DNS alias as a workaround)
TagsNo tags attached.
Attached Fileszip file icon mantis_auth_iis.zip [^] (14,521 bytes) 2008-02-21 08:15

- Relationships
related to 0012627new Plugin to enable login based upon Active Directory 

-  Notes
User avatar (0035002)
smorley (reporter)
2013-01-31 16:14

Are there any opinions on this patch. I applied to my current build (1.2.12) and its working nicely. I'm interested in having it included in the next release so I don't have to reapply it. How best to proceed?
User avatar (0035003)
dregad (developer)
2013-02-01 03:17

Your best bet is to send us a Pull Request on our Github repository [1]. Please make sure that the code adheres to our Coding Guidelines [2].

[1] https://github.com/mantisbt/mantisbt [^]
[2] http://www.mantisbt.org/wiki/doku.php/mantisbt:coding_guidelines [^]
User avatar (0035008)
cas (reporter)
2013-02-01 07:58

There is a plugin available which handles this nicely:
http://www.mantisbt.org/bugs/view.php?id=12627 [^]
User avatar (0035010)
smorley (reporter)
2013-02-01 09:07

I like the plugin but it still requires patches to the code, the patches in this issue are not much more complex and one added to the core will not have to be maintained after each install.
User avatar (0035011)
cas (reporter)
2013-02-01 09:43
edited on: 2013-02-04 04:55

Correct, I would hope that previous functionality would be re-installed in core/authentication_api.php.
Possible use a different functionname but still available again.
Then it can be a fully automatic plugin.
Other option could be to add a custom function to the plugin but this i would like to avoid.

User avatar (0035024)
grangeway (developer)
2013-02-04 15:34

These have been deliberately not included as we plan to add authentication plugins to the next release.

Adding custom authentication hooks atm, only serves to make it harder to add a plugin architecture.

I'm currently a core-dev and in the same position - using IIS to perform the authentication to mantis, with a custom patch.
User avatar (0035025)
smorley (reporter)
2013-02-04 15:46

Ah, and I was just about ready to send a commit to git. Thanks for the update, I'll just make do with my local patches for the foreseeable future. As a point of reference, where would I find this information. I want to make sure that none of my other good ideas are already being considered in core functionality. (And I agree with your decision, plugin architecture makes it easy to perform local customization without maintenance issues).
User avatar (0035026)
grangeway (developer)
2013-02-04 16:26

1.2.x is a stable branch, which should not be getting new features.

At a point where the active developers were myself/dhx/jreese, we started looking at being fairly 'radical' - with a new db layer + locale layer amongst other things. This is in the https://github.com/mantisbt/mantisbt/tree/next [^] and https://github.com/mantisbt/mantisbt/tree/master-2.0.x [^] branches.

When I last spoke to dhx I believe we got to the point where if we got the language changes moved there would be nothing left in the next branch, and we could focus on the master-2.0.x branch for a tidy up.

I've been holding off on putting a few changes I'm using at work into the main master branch as it will only generate more work porting patches around.

- Issue History
Date Modified Username Field Change
2008-02-21 08:15 abrion New Issue
2008-02-21 08:15 abrion File Added: mantis_auth_iis.zip
2013-01-31 16:14 smorley Note Added: 0035002
2013-02-01 03:17 dregad Note Added: 0035003
2013-02-01 07:58 cas Note Added: 0035008
2013-02-01 09:06 dregad Relationship added related to 0012627
2013-02-01 09:07 smorley Note Added: 0035010
2013-02-01 09:43 cas Note Added: 0035011
2013-02-04 04:55 cas Note Edited: 0035011 View Revisions
2013-02-04 15:34 grangeway Note Added: 0035024
2013-02-04 15:46 smorley Note Added: 0035025
2013-02-04 16:26 grangeway Note Added: 0035026


MantisBT 1.2.17 [^]
Copyright © 2000 - 2014 MantisBT Team
Time: 0.0944 seconds.
memory usage: 3,058 KB
Powered by Mantis Bugtracker