Single signon problem

[danchitu86]

Hi!

I use OTRS 3.2.3 installed on Windows 2008R2 with SSO active.

If I access OTRS - Agent link single signon works perfect and loged me in with my current username (link: http://relatiiclienti/otrs/index.pl?).
But, if I click on a link from a notification e-mail recevied from OTRS (link: http://relatiiclienti.man.apabucur.ro/o ... cketID=472) the browser asks for username and password. You can see the attachment.

Do you have any idea what can I do?

Thanks a lot!

[crythias]

sso needs to understand the FQDN. Make sure it's in your keytab.

[danchitu86]

You are right, it's from FQDN. But how can I resolve the problem? What should I change? I will show you below codes for sso:

Code: Select all

 In config.pm:
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'man\\';
    # If you use this module, you should use as fallback
    # the following configuration settings if the user is not authorized
    # apache ($ENV{REMOTE_USER})
    $Self->{LoginURL} = 'http://http://www.google.ro/';
# or a youtube vid of Rick Astley?
    $Self->{LogoutURL} = 'http://http://www.google.ro/';

Code: Select all

 In httpd.conf:
LoadModule sspi_auth_module modules/mod_auth_sspi.so
LoadModule headers_module modules/mod_headers.so

#<Directory />
#   Options FollowSymLinks
#  AllowOverride None
# Order deny,allow
#Deny from all
#</Directory>
    <IfModule mod_auth_sspi.c>
    <Directory "D:/OTRS/OTRS/bin/cgi-bin">
        AuthType SSPI
        SSPIAuth On
        SSPIAuthoritative On
        SSPIDomain mydomain.com
        SSPIUsernameCase lower
        SSPIOfferBasic On
        SSPIOmitDomain on
        Require valid-user
        AllowOverride None
        Options +ExecCGI -Includes
        Order allow,deny
        Allow from all
    </Directory>
    </IfModule>

Thanks a lot!

[crythias]

Start here