I can`t implement SSO on OTRS 2.4.7 for win (with StrawberryPerl) installation
tested on VirtualPC Windows XP, added to AD - domain
steps:
1. install otrs
2. download mod_auth_sspi 1.0.3, copy SO file to apache/modules
3. add loadmodule in apache httpd config file, before all other modules
Code: Select all
<IfModule !mod_auth_sspi.c>
LoadModule sspi_auth_module modules/mod_auth_sspi.so
</IfModule>
4. sync agent and customer from AD to OTRS DB, logged-in user exists in OTRS DB users and customer_user tables
5. setup Config.pm and otrs httpd conf file
Config.pm
Code: Select all
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'domain\\';
$Self->{AgentPanelLoginURL} = 'http://portal/login/';
$Self->{AgentPanelLogoutURL} = 'http://portal/logout/';
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
$Self->{'Customer::AuthModule::HTTPBasicAuth::Replace'} = 'domain\\';
$Self->{CustomerPanelLoginURL} = 'http://portal/login/';
$Self->{CustomerPanelLogoutURL} = 'http://portal/logout/';
Code: Select all
<Location /otrs>
# ErrorDocument 403 /otrs/customer.pl
ErrorDocument 403 /otrs/index.pl
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
Options +ExecCGI
PerlOptions +ParseHeaders
PerlOptions +SetupEnv
AuthName "OTRS"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain domain
SSPIUsernameCase lower
SSPIOfferBasic On
SSPIOmitDomain On
SSPIBasicPreferred Off
Require valid-user
Order allow,deny
Allow from all
</Location>
</IfModule>
in apache log sspi module loaded:
Apache/2.2.10 (Win32) mod_auth_sspi/1.0.3
in OTRS log file
Need UserLogin or UserID!
the same configuration with OTRS 2.4.7 for win (with OTRSperl + mod_perl - BETA RELEASE) installation works fine