Project

General

Profile

Feature #1300

Foreman should support HTTP Authentification

Added by Romain Vrignaud over 11 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Normal
Category:
Authentication
Target version:
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Hello,

It would be great to allow HTTP Authentification in Foreman
(for instance to allow things like WebSSO with LemonLDAP::NG).

Thx in advance.


Related issues

Has duplicate Foreman - Feature #1369: Support Apache Basic Authentication for SSO.Closed2011-12-05
Is duplicate of Foreman - Bug #907: Foreman behind apache with userauth.Duplicate2011-05-17

Associated revisions

Revision 62756323 (diff)
Added by Romain Vrignaud over 11 years ago

fixes #1300 Add support of HTTP Auth with REMOTE_USER env variable

History

#1 Updated by Romain Vrignaud over 11 years ago

  • Assignee set to Romain Vrignaud

#3 Updated by Ken Barber over 11 years ago

I've tested this patch on 0.4 and it seems to work sufficiently okay. The edge cases aren't covered such as:

  • If the auth succeeds but the user doesn't exist, the error is not graceful.
  • It may be that someone wants the user to get created in the case of a user not existing in the INTERNAL_DATABASE.

Otherwise its a great start. Thanks Romain :-).

settings.yaml:

---
:login: true
:authorize_login_delegation: true

Sample apache config:

<VirtualHost *:80>
ServerName foreman1.vm
ServerAdmin
DocumentRoot /usr/share/foreman/public
Railsautodetect on
<Location />
AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/httpd/auth.pwd
Require Valid-User
</Location>
</VirtualHost>

#5 Updated by Romain Vrignaud over 11 years ago

Update patch to support WUI settings.

#7 Updated by Ohad Levy over 11 years ago

  • Category set to Authentication
  • Target version set to 1.0

#8 Updated by Anonymous over 11 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF