Re: [SL] new session procedure
Brought to you by:
dsimader
From: Frank G. <fga...@ve...> - 2006-09-08 13:57:17
|
Philippe Schelt=E9 wrote: >> Dieter, would it be difficult to (as an alternative) to support= =20 >> external authentication i.e. delegate the authentication to apache= ,=20 >> and on the SL side just trust the REMOTE_USER environment variable= ,=20 >> and bypass the SL authentication if this is set? >> >> That would be very nice in terms of using ldap or some kind of= =20 >> single-signon authentication with SL, and would mean the truly= =20 >> paranoid could implement whatever crazy auth scheme they'd like= =20 >> themselves. >> >> You'd still need the SL user database for authorization of course. >> =20 >> =20 > I second this very much ! > > regards > > Philippe > =20 I too would look forward to multiple authentication schemes. I use SL for my own personal business. At work, I use a bug tracking= =20 system that many of you have probably heard of - Bugzilla. They have= an=20 option to either use their internal user database, LDAP, or external= =20 environment variables. No PAM yet, though. But it could be a good= =20 start for looking at code. I use the LDAP authentication against my= =20 company's active directory, and then bugzilla uses the username for= =20 authorization. The parallel here is that Bugzilla is also written primarily in Perl.= .. Hope that helps point someone in the right direction... Regards, Frank |