[modauthtkt-users] SSO config issues
Status: Beta
Brought to you by:
gonzai
From: KK C. <kkc...@gm...> - 2012-05-15 16:24:08
|
List I am trying a SSO from a plone(4.1.4 version) intranet site to a squirrel mail webclient. I have enabled in the plone site for the cookie sharing for mydomain.com and shared a secret is there "blah" Now in the server machine for apache I enabled mod_auth_tkt ( the plone version supports mod_auth_tkt compatible systems.) The plone site and SquirrelMain both runs in the same machine under same apache were mod_tkt is loaded. Vhost entry for Squirrel mail <VirtualHost *:80> ServerAdmin web...@my... DocumentRoot /usr/local/www/SquirrelMail ServerName webmail.mydomain.com ServerAlias webmail.mydomain.com TKTAuthSecret "blah" <Location /src/login.php> # ist this <Location > directive is right? TKTAuthIgnoreIP on TKTAuthDebug 2 TKTAuthDomain .mydomain.com TKTAuthTimeout 2w TKTAuthCookieExpires 2w TKTAuthRequireSSL off TKTAuthCookieSecure off </Location> ErrorLog /var/log/httpd-error.log CustomLog /var/log/httpd-access.log combined </VirtualHost> There is an existing IMAP account user: kk...@we... password: mypass Then I created the same user kk...@we... in Plone Site with same password "mypass" Restarted apache I logged in to the plone site (intranet.mydomain.com) with the user name "kk...@we..." with "mypass" and click the link for webmail.mydomain.com but it prompts me for username and password. Do I miss any configuration other than the above in the Squirrel Mail virtualhost config ? Or anything additional work required? This is my Virtual host configuration for Plone site. <VirtualHost *:80> ServerAdmin kk...@we... ServerName intranet.mydomain.com RewriteEngine On RewriteRule ^/(.*) http://127.0.0.1:8081/VirtualHostBase/http/intranet.mydomain.com:80/Intranet/VirtualHostRoot/$1 [L,P] ErrorLog /var/log/apache/intranet.mydomain.com/error_log CustomLog /var/log/apache/intranet.mydomain.com/access.log combined </VirtualHost> Please shed some light on this regard, to accomplish SSO from the plone site to SM. Thanks in advance KK |