Internal authentification only for REST API

andkulb · October 17, 2013, 9:29am

Hello,

I’m using externat auth source (shibboleth) for my RT installation, which
redirect me to the login page, where I need to enter my username and
password.

While using the REST API, I store my user in RT database, so I could
authenticate using database not the external source. But after succesfull
authentication via REST API I still get redirected to the external login
page.

How to fix that?

Regards,
Andrius

View this message in context: http://requesttracker.8502.n7.nabble.com/Internal-authentification-only-for-REST-API-tp55512.html

Kevin_Falcone · October 17, 2013, 2:41pm

I’m using externat auth source (shibboleth) for my RT installation, which
redirect me to the login page, where I need to enter my username and
password.

While using the REST API, I store my user in RT database, so I could
authenticate using database not the external source. But after succesfull
authentication via REST API I still get redirected to the external login
page.

Configure apache not to require shibboleth for things under /REST/
My guess is you’re using an Unprivileged user to test and being
redirected to /SelfService/ which triggers shibboleth.

-kevin

andkulb · October 18, 2013, 6:57am

Done that. But now REST doesn’t require any password at all? Is it also
possible to require RT internal auth in specific folder?

Thanks in advance.

View this message in context: http://requesttracker.8502.n7.nabble.com/Internal-authentification-only-for-REST-API-tp55512p55535.html

Kevin_Falcone · October 18, 2013, 1:15pm

Done that. But now REST doesn’t require any password at all? Is it also
possible to require RT internal auth in specific folder?

REST requires authentication at the RT level unless you’ve made some
some pretty drastic changes.

-kevin