You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Reid, Cherie" <Ch...@workcover.nsw.gov.au> on 2004/11/10 23:02:59 UTC
[users@httpd] Using the AuthenNTLM module with an Apache 1.3 / Unix environment
Hi,
I am running Apache 1.3 on a Unix server with an AIX v5.2 os. It is working with a Windows client.
I am involved in a project implementing a Cognos Business Intelligence solution via the web. When a request is made by an intranet user to use the cognos web portal, cognos verifies the user via the REMOTE_USER CGI variable thus allowing a single signon solution. The REMOTE_USER variable needs to have been passed the value of the windows environment variable USERNAME. But with the way Apache unix has access authentication set up I need to prompt the user for the username to set REMOTE_USER, which is then authenticated against a pasword file maintained inside Apache. Problem is that I dont want to prompt the user and I want to authenticate users against a Cognos namespace not an Apache passowrd file.
So, I have decided to install the AuthenNTLM module to mimic the NT challenge response protocol and initialise the REMOTE_USER variable. My question is, [yes, I did have a question after all this!! :) ] Will this variable keep it's value for the length of the browser session after the AuthenNTLM has completed its authentication process? As stated before I need it for Cognos to use it.
Also, does this solution sound ok??
Re: [users@httpd] Using the AuthenNTLM module with an Apache 1.3
/ Unix environment
Posted by Shannon Eric Peevey <sp...@unt.edu>.
Reid, Cherie wrote:
>
>
> Hi,
>
>
> I am running Apache 1.3 on a Unix server with an AIX v5.2 os. It is
> working with a Windows client.
>
> I am involved in a project implementing a Cognos Business Intelligence
> solution via the web. When a request is made by an intranet user to use
> the cognos web portal, cognos verifies the user via the REMOTE_USER CGI
> variable thus allowing a single signon solution. The REMOTE_USER
> variable needs to have been passed the value of the windows environment
> variable USERNAME. But with the way Apache unix has access
> authentication set up I need to prompt the user for the username to set
> REMOTE_USER, which is then authenticated against a pasword file
> maintained inside Apache. Problem is that I dont want to prompt the user
> and I want to authenticate users against a Cognos namespace not an
> Apache passowrd file.
>
> So, I have decided to install the AuthenNTLM module to mimic the NT
> challenge response protocol and initialise the REMOTE_USER variable. My
> question is, [yes, I did have a question after all this!! :) ] Will this
> variable keep it's value for the length of the browser session after the
> AuthenNTLM has completed its authentication process? As stated before I
> need it for Cognos to use it.
>
> Also, does this solution sound ok??
>
AuthenNTLM will cache the connection for the session, but you will
probably have to override some methods in the script to get it to set
REMOTE_USER. (Specifically, map_user() ). Gerald has written a great
example to help you figure out how to override methods in AuthenNTLM in
the documentation of the module. Simply set REMOTE_USER in the newly
modified map_user() method, and voila!
take care,
--
Shannon Eric Peevey => "speeves"
Dyno-Mite! System Administrator => speeves@unt.edu
Central Web Support => (940) 369-8876
University of North Texas => http://web2.unt.edu
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org