Solved: Re: SSO with Basic Auth question

cryptochrome_ · ‎08-18-2008

Hi,

I want to use SSO for a web ressource, that uses Basic Auth. The username on the web ressource is slightly different from the one that is being used to log into the IVE. The web ressource requires a suffix to be added to the username.

Username on IVE: testuser

Username on Ressource: testuser.suffix

Could use a custom username in the web ressource that say: <USERNAME>.suffix and a custom variable password that says <PASSWORD> to get this done? If not, how would I do this?

Thanks

Sascha

kenlars_ · ‎08-27-2008

I did a google search on that error message, and this turned up -

http://archive.apache.org/gnats/1666

Any chance your customer is running Apache?

My only other suggestion is that it might be time to invole JTAC. This doesn't look like a usage question - it might be a bug.

View solution in original post

kenlars_ · ‎03-24-2008

I'd agree that this looks like an Apache bug, and I think a bug fix is referenced in the web page. If your user is running Apache, this might be the silver bullet. If not, I think it's time to call JTAC.

cryptochrome_ · ‎03-29-2008

All right. I'll have them check out their Apache server. Maybe there is an update.

Thank you very much for your help, really appreciated!

Cheers

Sascha

Twitter: @cryptochrome
--------------------------------
plus.google.com/11635909860

Jickfoo_ · ‎08-18-2008

should work.. if not use the troubleshooting tools to determine why. I believe you want a policy trace.

cryptochrome_ · ‎08-18-2008

nope. does not work. will try a policy trace.

imtravis_ · ‎08-18-2008

Have you tried <USER>.suffix? I think that's the variable (I just checked our configurations and noticed that difference.

cryptochrome_ · ‎08-19-2008

just tried it with the <USER> variable. didn't do it.

I'll keep trying.

cryptochrome_ · ‎08-19-2008

one more thing... the users in this case are authenticated against a LDAP server. I just tried a policy trace and a simulation, and in both cases the username I supplied could not be found by the IVE and thus the trace failed (no role mapping). I used the exact username that the users use to login.

Is it possible that I need to add something else to the variable to reflect the fact it is coming from LDAP?

kenlars_ · ‎08-20-2008

Did you see the user name in the policy trace? You should be able to see the name of the variable to which it is assigned there.

cryptochrome_ · ‎08-20-2008

Wouldn't I have to specify the username for the policy trace before I can start it?

Actually I didn't do a trace yet, I tried the simulation instead. For the simulation, you have to specify the user name, but that does not seem to work. It does not seem to verify the username against the LDAP server, thus it can't really find it nor map it to any roles.