View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0003043||mantisbt||authentication||public||2003-03-08 01:52||2014-10-02 18:21|
|Summary||0003043: support for NTLM authentication|
can we have support for NTLM authentication (Windows Integrated Authentication)? I figure it would be almost the same as BASIC_AUTH -- relying on OS for password check, and signing up user if the user does not exist in Mantis backend db.
|Tags||No tags attached.|
What would be more useful would be LDAP since more systems use LDAP...
I'll assign this to vboctor since he's the only developer who actually runs mantis on windows as far as I know. He may have an opinion on how hard it would be.
Also note that there already is LDAP auth - check the config file for necessary options.
Oops... added victor as reporter instead of handler. Fixed now
LDAP would cover Active directory wouldn't it?
I don't know if there is still someone waiting for NTLM in Mantis, but I have implemented it for the current 0.19.0 for our internal network.
I did not, however, keep up with the coding guidelines (that's why I do not post it now), but I will provide a diff or a zip of the affected files if there is any interest.
G'day strushb, I would be keenly interested in the NTLM mods you made to 0.19.0.
Is it done through reading the "PHP_AUTH_USER" and/or "PHP_AUTH_PW" variables when authenticated through NTLM, and then using them to create an entry in the "mantis_user_table" table?
strushb, I too would be very interested in your work. Would you post the 19.0 mods? Thanks in advance
After some testing within our Mantis installation, I decided that my solution is not secure, not even for controlled environments. Therefore, I cannot release this hack.
what was the rough outline of your solution?
Resolving as "suspended"
We'll add support for authentication plugins, support for NTLM authentication would then be best implemented as a plugin seperate to the main code.
This issue is still linked to the parent issue regarding implementing auth plugins so at that point in time can be evaluated.
|2003-03-08 17:20||teak421||Note Added: 0003938|
|2003-03-09 03:59||jfitzell||Reporter||reporter => vboctor|
|2003-03-09 03:59||jfitzell||Note Added: 0003944|
|2003-03-09 03:59||jfitzell||Status||new => assigned|
|2003-03-13 20:05||jfitzell||Reporter||vboctor => reporter|
|2003-03-13 20:05||jfitzell||Assigned To||=> vboctor|
|2003-03-13 20:05||jfitzell||Note Added: 0003979|
|2003-04-05 11:25||grangeway||Note Added: 0004134|
|2004-07-31 21:04||vboctor||Relationship added||related to 0004235|
|2004-09-02 16:45||vboctor||Assigned To||vboctor =>|
|2004-09-02 16:47||vboctor||Status||assigned => acknowledged|
|2004-10-15 09:31||strushb||Note Added: 0008054|
|2004-12-06 00:17||sead||Note Added: 0008518|
|2004-12-06 00:19||sead||Note Edited: 0008518|
|2004-12-06 01:23||Matt_wc||Note Added: 0008519|
|2005-01-10 09:31||strushb||Note Added: 0008908|
|2005-03-22 15:55||grangeway||Note Added: 0009637|
|2007-07-06 10:45||vboctor||Category||bugtracker => authentication|
|2014-09-22 15:55||grangeway||Note Added: 0041282|
|2014-09-22 15:55||grangeway||Status||acknowledged => resolved|
|2014-09-22 15:55||grangeway||Resolution||open => suspended|
|2014-09-22 15:55||grangeway||Assigned To||=> grangeway|
|2014-09-22 15:56||grangeway||Note Edited: 0041282||View Revisions|
|2014-10-02 18:21||atrol||Status||resolved => closed|