Open Bug 813082 Opened 12 years ago Updated 10 years ago

Support for Windows Authentication using IIS

Categories

(Bugzilla :: Administration, task)

4.2.4
task
Not set
normal

Tracking

()

UNCONFIRMED

People

(Reporter: torsten, Unassigned)

References

()

Details

Attachments

(1 file)

When using Windows Authentication in IIS (at least with version 7), IIS sets REMOTE_USER to DOMAIN\login. This breaks Bugzilla (when auth_env_email is set to REMOTE_USER). The attached simple patch fixes this issue for me.
Attachment #683096 - Attachment is patch: true
This is a duplicate of bug 125121, isn't it? Or at least it blocks that bug.
Assignee: installation → administration
Component: Installation & Upgrading → Administration
OS: Windows 7 → All
Note that Microsoft doesn't recommend to use Windows Authentication: "Windows authentication is not appropriate for use in an Internet environment, because that environment does not require or encrypt user credentials." Anyway, as \ is not legal in email addresses, your patch shouldn't mess with email addresses. But I wonder if it could mess with some other authentication method.
(In reply to Frédéric Buclin from comment #2) > Note that Microsoft doesn't recommend to use Windows Authentication: > > "Windows authentication is not appropriate for use in an Internet > environment, because that environment does not require or encrypt user > credentials." Correct. The server in question is not accessible to the Internet.
(In reply to Frédéric Buclin from comment #1) > This is a duplicate of bug 125121, isn't it? Or at least it blocks that bug. I don't believe it is. Authentication works fine on Windows using Apache.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: