I made SSO(by Apache2::AuthenNTLM) login for agents and customers(credentials stored in AD). Now i need to close access for all customers, except one access group, to agent's interface . Could someone tell me how it should be done?
These are my conf files:
/etc/apache2/conf.d/otrs.conf contains
Code: Select all
<Location /otrs>
PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName Basic
require valid-user
PerlAddVar ntdomain "DOMAIN dc bdc"
PerlSetVar defaultdomain DOMAIN
PerlSetVar splitdomainprefix 1
</Location>
Code: Select all
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{AgentPanelLoginURL} = 'http://otrs-server/otrs/no_sso_login_possible.html';
$Self->{AgentPanelLogoutURL} = 'http://otrs-server/otrs/logout.html';
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
$Self->{CustomerPanelLoginURL} = 'http://otrs-server/otrs/no_sso_login_possible.html';
$Self->{CustomerPanelLogoutURL} = 'http://otrs-server/otrs/logout.html';
Code: Select all
# Check if the user is allowed to auth in a posixGroup
# (e. g. user needs to be in a group OTRS_Agents to use otrs)
$Self->{'AuthModule::LDAP::GroupDN'} = 'cn=grAdmins,ou="AccessGroups",dc=domain';
$Self->{'AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'AuthModule::LDAP::UserAttr'} = 'DN';
I'm using OTRS 2.4.7 on ubuntu server 10.04.