I have now googled a lot of enabling SSO for OTRS. But i must ask this forum before i go further i think.
I have a security portal where i have some resources, like OWA, intranat and now we are changing to OTRS. OTRS 3.2.8 is working like a charm. But now i want to enable SSO so that the user does not have to enter the credentials again when starting OTRS. And the we dont like Username and password. our user log with either OTP or with certificate or with a Challenge token and the we link the user in the system to the correct ad user.
The Current OTRS setup is this.
Customers:
On the Customer loginpage, the user can log in with either manual created user in OTRS DB, or if the exist in the Customer AD that works to, Or if someone at the company want to ad a ticket they can login with their AD. So we have 3 Customer Backends, DB, LDAP for Customers and LDAP for CompanyEmployees.
On the Agent login page, i have setup a sync with the AD for OTRS to retrive who is allowed to login to Agent interface. I have also mapped the agent groups to AD groups. work like a charm
Now to my question, our security platform can send information to the resources, like an cookie with login information or a header, or a SAML ticket. We use this for all other resources. I now how to send this information to OTRS. But my questions is this:
1. IS it possible to send a cookie to OTRS, and if it is how will the format look like? Is there anything i must do with Apache configuration/OTRS configuration.
2. the same but with header?
3. This is not a question but i am testing to setup this with SAML. SO maybe i will get this to work
.More info about system.
Ubuntu 12.04 LTS Server 64 Bit
Apache 2.2, MySQL 5.5
OTRS 3.2.8 with latest ITSM modules and masterslave and Iphone packages.
And i hope to maybee see someone of you at OTRS Training in Stockholm in september.
Regards MonToxic