View Issue Details

IDProjectCategoryView StatusLast Update
0012627mantisbtplug-inspublic2013-02-01 09:06
Reportercas Assigned To 
Status newResolutionopen 
Product Version1.2.4 
Summary0012627: Plugin to enable login based upon Active Directory

This plugin allows for integrated login with AD credentials.

If you installed Mantis under IIS and want to have single signon with AD, all you need to do is the following:

  1. Disable Anonymous access for the Mantis website
  2. Ensure Integrated Windows Authentication is ticked
  3. Activate this plugin
    Users listed in the user-table with their windows username, will be automatically logged on.
Additional Information

This plugin uses the function auth_attempt_script_login, which in the past was enough for getting access.
As of version 1.2.x this function offers less functionality than before.
This function is available in core\authentication_api.php
In order to overcome this, one needs to add 3 lines at the end of this function:

set the cookies

auth_set_cookies( $t_user_id, $p_perm_login );
auth_set_tokens( $t_user_id );

Add these just before the comment line stating:

ok, we're good to login now (around line 279)

In addition, one can uncomment the line:

user_increment_login_count( $t_user_id );

It should look like:
user_increment_login_count( $t_user_id );
In that case still all logins are counted.

The change mentioned above can bring additional security risks in case you Mantis is on the WWW opposite an intranet.

TagsNo tags attached.


related to 0004235 closedvboctor Support Generic Authentication through Plug-ins 
related to 0008912 new A small modification allows to do Windows integrated authentication with mantis and IIS 




2010-12-22 06:30

reporter (1,731 bytes)