The attached patch adds an “extauth” configuration option to the RT
environment, and the rtrc file, for folks using RT with ExternalAuth.
adding “extauth basic” to your .rtrc file will cause the rt cli to send
credentials via http basic authentication, instead of in the rest
request. Currently, only basic auth is supported.
Is there a better way to accomplish this? comments welcome.
–Marc.
Marc “Muncus” Dougherty
Security Guerilla
Northeastern University
College of Computer and Information Science
in your RT CLI config file.On Fri, May 28, 2004 at 01:56:38PM -0400, Marc Dougherty wrote:
The attached patch adds an “extauth” configuration option to the RT
environment, and the rtrc file, for folks using RT with ExternalAuth.
adding “extauth basic” to your .rtrc file will cause the rt cli to send
credentials via http basic authentication, instead of in the rest
request. Currently, only basic auth is supported.
Is there a better way to accomplish this? comments welcome.
–Marc.
–
Marc “Muncus” Dougherty
Security Guerilla
Northeastern University
College of Computer and Information Science
Realize that this is NOT secure since the URL is not encrypted when
sent to the server. If your using https because you care about security
this may not be a good idea.
Realize that this is NOT secure since the URL is not encrypted when
sent to the server. If your using https because you care about security
this may not be a good idea.
Realize also that this is a convention used within the LWP library. It
transforms the URL and yanks out the credentials into an HTTP header
before sending.