Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

can't use HTTP basic auth any longer

Description

Under some approximation of 1.2.9 (more likely, early 1.3.X code from off the trunk), it was possible to have some combination of Apache and Tomcat use HTTP Basic authentication.

That made it easy to do things like have access to OpenNMS be authenticated through Kerberos.

In 1.3.2, or at least now that the acegi authentication framework is being used, this ability seems to be gone: you're forced to use the form-based authentication screen that you get when you go to https://whatever/opennms/index.jsp.

If we could get back the ability to move the authentication into some combination of Apache and/or Tomcat, that'd be great. (We're using Apache and the Apache/Tomcat Connector to handle https access here.)

Thanks.

Environment

Operating System: All Platform: All

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Benjamin Reed October 7, 2008 at 8:43 AM

Edit $OPENNMS_HOME/[webapp]/opennms/WEB-INF/applicationContext-acegi-security.xml and look in the "FILTER CHAIN" part at the top.

Remove the references to "authenticationProcessingFilter" in the /rss.jsp* and /** parts, so it goes from logoutFilter to basicProcessingFilter.

Steve Miller October 6, 2008 at 7:56 PM

It'd be interesting to know how one should do that. Perhaps there could be documentation, even. (-:

It's a bit of a moot point for me at this point, but it seems not unlikely to help someone else...

Benjamin Reed October 6, 2008 at 4:05 PM

you can change it back by editing the acegi configuration file

Incomplete

Details

Assignee

Reporter

Components

Fix versions

Affects versions

Priority

PagerDuty

Created July 13, 2007 at 1:40 PM
Updated January 27, 2017 at 4:32 PM
Resolved October 7, 2008 at 8:43 AM