Tags:
create new tag
view all tags

Question

How can I set using value from a HTTP Header. We want to use a SSO product to authenticate user, then the SSO product passes the username as a HTTP header to Apache/Twiki. Can Twiki grab that HTTP Header directly, or we need to set it up somewhere?

Environment

TWiki version: TWikiRelease04x00x00
TWiki plugins: DefaultPlugin, EmptyPlugin, InterwikiPlugin
Server OS: Windows 2003
Web server: Apache 2.0.x
Perl version:  
Client OS: Windows XP
Web Browser: IE 6
Categories: Authentication

-- BenLiang - 14 Feb 2006

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

This is certainly possible, perhaps in a plugin that makes calls to CPAN:CGI to get headers (maybe there's a better way...), but definitely feasible with a core code change.

There does of course need to be some validation that this is a valid header - a cryptographic hash or something to ensure that it is the SSO product that has set the userid. Otherwise, it would be very easy to just fake the authentication. Probably the SSO product has some way of doing this, but this would somewhat complicate the plugin that does authentication.

Googling for TWiki, authentication, LDAP and SiteMinder may turn up some useful discussion and plugins.

-- RichardDonkin - 15 Feb 2006

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r3 - 2006-03-12 - CrawfordCurrie
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.