View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003043 | mantisbt | authentication | public | 2003-03-08 01:52 | 2014-10-02 18:21 |
Reporter | Assigned To | grangeway | |||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | closed | Resolution | suspended | ||
Platform | x86 | OS | Windows 2000 | ||
Summary | 0003043: support for NTLM authentication | ||||
Description | can we have support for NTLM authentication (Windows Integrated Authentication)? I figure it would be almost the same as BASIC_AUTH -- relying on OS for password check, and signing up user if the user does not exist in Mantis backend db. | ||||
Tags | No tags attached. | ||||
What would be more useful would be LDAP since more systems use LDAP... |
|
I'll assign this to vboctor since he's the only developer who actually runs mantis on windows as far as I know. He may have an opinion on how hard it would be. Also note that there already is LDAP auth - check the config file for necessary options. |
|
Oops... added victor as reporter instead of handler. Fixed now |
|
LDAP would cover Active directory wouldn't it? |
|
I don't know if there is still someone waiting for NTLM in Mantis, but I have implemented it for the current 0.19.0 for our internal network. I did not, however, keep up with the coding guidelines (that's why I do not post it now), but I will provide a diff or a zip of the affected files if there is any interest. |
|
G'day strushb, I would be keenly interested in the NTLM mods you made to 0.19.0. Is it done through reading the "PHP_AUTH_USER" and/or "PHP_AUTH_PW" variables when authenticated through NTLM, and then using them to create an entry in the "mantis_user_table" table? |
|
strushb, I too would be very interested in your work. Would you post the 19.0 mods? Thanks in advance |
|
After some testing within our Mantis installation, I decided that my solution is not secure, not even for controlled environments. Therefore, I cannot release this hack. |
|
what was the rough outline of your solution? |
|
Resolving as "suspended" We'll add support for authentication plugins, support for NTLM authentication would then be best implemented as a plugin seperate to the main code. This issue is still linked to the parent issue regarding implementing auth plugins so at that point in time can be evaluated. |
|