Page MenuHomePhabricator

REMOTE_USER authentication
Closed, DuplicatePublic

Description

It would be nice if I could authenticate against the authentication facilities of the webserver, e.g. Kerberos/GSSAPI, which manifests in the application via the REMOTE_USER environment variable.

For Redmine I protected the /login-gssapi URL with mod-auth-gssapi within the webserver. /login-gssapi is then setup within Redmine as an alternate route to /login, so that I can use a hack/live-patch and a custom authentication provider to adjust the authentication process to also check for the REMOTE_USER environment variable. I hope that this is much simpler in Phabricator.