0003394: rely on external source for authentication - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0003394	mantisbt	feature	public	2003-10-30 00:24	2008-07-24 16:50

Reporter	bzheng	Assigned To	grangeway
Priority	normal	Severity	feature	Reproducibility	N/A
Status	closed	Resolution	duplicate

Summary	0003394: rely on external source for authentication
Description	i want to rely on the web server for proper authentication. say, i have auth_ntlm or auth_pam turned on, and the username will be accessible in $_SERVER["XXX"] once the web server authenticates the user. if i have my own web form based authentication, the username will be held in something like $_SESSION["XXX"]. And the user should be created in Mantis with a dummy password if it does not exist in Mantis already. This would be something close to single-signon.
Additional Information	I figure all it takes are: 1.a new $g_login_method. 2.a variable in config_ini.php to hold the name of the variable that holds username. i.e. $g_username_var = "\$HTTP_SERVER_VARS['PHP_AUTH_USER']"); 3.code to check if the variable ($HTTP_SERVER_VARS['PHP_AUTH_USER'] in most cases) is set, create account in Mantis if needed, then allow access. 4.some way to generate an email address based on the username, I would suggest a $g_user_domain so email = "$username@$g_user_domain"; or a place for user to put their own transformation function.
Tags	No tags attached.

grangeway 2008-07-13 11:07 reporter ~0018424	Hello, The issue described here will become more feasible once support for authentication plugins is added to mantis. Marking this issue as a duplicate of issue 0004235 which describes the plugin functionality. Paul