https://www.redmine.org/
https://www.redmine.org/favicon.ico?1679302129
2007-07-12T01:47:00Z
Redmine
Redmine - Feature #387: Support for Linux passwords
https://www.redmine.org/issues/387?journal_id=880
2007-07-12T01:47:00Z
Jérôme Fenal
<ul></ul><p>In general, this shouldn't be done by redMine, but done by the<br />web server, with mod_auth_pam, mod_auth_ldap, etc. and redMine<br />using the credentials passed to it by the web server.<br />This way, authentication code can stay clear, without specifics<br />to one or another auth mean.</p>
Redmine - Feature #387: Support for Linux passwords
https://www.redmine.org/issues/387?journal_id=879
2007-07-20T06:45:00Z
Jean-Philippe Lang
jp_lang@yahoo.fr
<ul></ul><p>LDAP auth is commonly used, that's why it's natively supported<br />in Redmine.<br />But Jérôme is right, Redmine should also provide a way to rely<br />on the web server to authenticate users and thus allow any auth<br />mean to be used.</p>
<p>A simple hook (based on HTTP headers) in the Redmine's authentication<br />mechanism should do the trick.</p>
Redmine - Feature #387: Support for Linux passwords
https://www.redmine.org/issues/387?journal_id=6195
2008-12-18T20:58:31Z
Scott Serr
<ul></ul><p>Has anyone hacked this together? How hard would it be? I imagine by the time someone told me how to do it, they could do it.</p>
<p>Trac had buggy support for mod_auth_pam. (had you restrict that area of the site in your apache.conf) So I suspect it's not dead simple. I rather it not be buggy. I'm looking into bringing up an LDAP server and populating it nightly with ypcat... A hack, but I would know where to start.</p>
<p>Anyone?</p>
Redmine - Feature #387: Support for Linux passwords
https://www.redmine.org/issues/387?journal_id=6220
2008-12-19T17:34:29Z
Scott Serr
<ul></ul><p>After reading what I posted, that sounded whiny.</p>
<p>I would be happy to research this and code it up. I need some direction... possibly an example of this hook in another project (ruby or otherwise).</p>
<p>The whining sound came from thinking that people willing to help would rather just code it themselves.</p>
<p>Here is what I think Jean-Philippe was thinking with the simple hook based on HTTP headers. In Apache, you would make some dummy restricted area location that would use PAM. This would not be directly accessed by the user web browser. But the Login page's backend would go "hit" the server in this location with the user/pass that was entered in the login page. If it gets a ??? error in the HTTP headers, then don't authenticate.</p>
<p>Is this how it should be done? Thanks!</p>
Redmine - Feature #387: Support for Linux passwords
https://www.redmine.org/issues/387?journal_id=22528
2010-11-18T09:39:22Z
Sebastian Roth
<ul></ul><p>There is a ruby PAM module, but it's not even included in Debian.</p>
<ul>
<li><a class="external" href="http://ruby-pam.sourceforge.net/ruby-pam.html">http://ruby-pam.sourceforge.net/ruby-pam.html</a></li>
<li><a class="external" href="http://ruby-pam.sourceforge.net/pam-ruby.html">http://ruby-pam.sourceforge.net/pam-ruby.html</a></li>
</ul>
Redmine - Feature #387: Support for Linux passwords
https://www.redmine.org/issues/387?journal_id=26886
2011-03-23T10:59:51Z
Toshi MARUYAMA
<ul><li><strong>Category</strong> set to <i>Accounts / authentication</i></li></ul>