Using Apache / Kerberos / Keytab to Authenticate Redmine Users Against Active Directory

Posted by David Kaczynski on Server Fault See other posts from Server Fault or by David Kaczynski
Published on 2012-10-23T22:08:17Z Indexed on 2012/10/23 23:02 UTC
Read the original article Hit count: 444

Please bare with me, as I am still fresh to these technologies.

We have a Debian (squeeze) server to which I have root access. It is running Apache, and Redmine is deployed to the server (currently using a local MySQL database for authentication).

Apache is configured to use Kerberos and a keytab file to authenticate users against Active Directory. With the current configuration, as soon as a user attempts to access anything over https, the user is prompted for a username / password, which is successfully authenticated against Active Directory.

I understand (somewhat) that Redmine has its own LDAP configuration that can be used to authenticate users against an existing Active Directory, but this would require the user to enter their credentials one time for Apache and then a second time for Redmine.

I am wondering, Can I somehow configure Redmine to share the Apache authentication method as opposed to requiring the user to enter their credentials a second time? (Using Apache to authenticate against Active Directory is a requirement for a separate application on the server)

© Server Fault or respective owner

Related posts about active-directory

Related posts about ssl