Tags:
create new tag
view all tags

SID-00698: User Mapping - Filtering REMOTE_USER

Status: Answered Answered TWiki version: 4.3.2 Perl version: 5.8.8
Category: CategoryAuthentication Server OS: Red Hat Enterprise LINUX 5.4 Last update: 15 years ago

I am a TWiki newbie, trying to get SSO working with my company's AD implementation. I have successfully created a kerberos keytab, and have mod_auth_kerb enabled in apache. The module is successful in attaching to AD using the keytab, and the issue that I am having now is mapping AD users to WikiNames.

Initially, I attempted to implement LoginNameAliasesPlugin, but found in another support topic that this was not supported in more recent TWiki Versions. The User Mapping topic in configure seems promising, but I can't find any place to configure it beyond simply being enabled.

Any advice is welcome!

Thanks.

-- JacobGreenleaf - 2009-12-29

Discussion and Answer

Whoops... I forgot to ask my more specific question.

I think that I can get this working if I can figure out how to strip the domain from the login name such that the REMOTE_USER variable contains only the short name of the user. However, I need to be able to do this 'en passant' as the logins are happening. Does anyone know where I might put a line of perl that would do that?

You know, something like:

$login =~ 's/\@.*$//g'

-- JacobGreenleaf - 2009-12-29

Try adding this to your twiki/lib/LocalSite.cfg:

$ENV{REMOTE_USER} =~ s/\@.*$//g if( $ENV{REMOTE_USER} );

This is untested and quick hack.

The proper solution is to write your own PasswordManager and UserMappingManager and set it in configure. Compare with twiki/lib/TWiki/Users/HtPasswdUser.pm and twiki/lib/TWiki/Users/TWikiUserMapping.pm.

-- PeterThoeny - 2009-12-30

Thanks so much for taking the time to respond, Peter. I shall do as you suggest.

--jacob

-- JacobGreenleaf - 2009-12-31

Closing, seems to be answered.

-- PeterThoeny - 2010-02-02

      Change status to:
ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.
SupportForm
Status Answered
Title User Mapping - Filtering REMOTE_USER
SupportCategory CategoryAuthentication
TWiki version 4.3.2
Server OS Red Hat Enterprise LINUX 5.4
Web server Apache 2.2.3-31
Perl version 5.8.8
Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2010-02-02 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.