Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Forcing login module

Hi all.

I'd need to force login through an external page if the user is not authenticated, so that the osTicket login page never appears.
I already have a login module I've written that gets user authentication state from the external site. Is it "safe" (does it break something in osTicket core or not?) to issue an http redirect from an auth plugin? Or is there a preferred method?

TIA
Diego

Comments

  • If I were in your position I'd try the http passthru authentication plugin ;)
    http://osticket.com/download   (under plugins)

    The plugins provides the functionality that you can authenticate against the webserver (maybe also against another database) and this authentication info is then taken along to osTicket. We use it in combination with the LDAP auth plugin to achieve single sign on for our LDAP users, but I'm sure it will work even without LDAP, we just never tried / needed that so I don't have any experience in using it standalone.
  • edited September 2015
    Tks, but http-pt module just delegates to internal auth if the user is not authenticated.
    That's not what I need... :(
    I want to require that users authenticate on another page and never get to OsTicket login page...
    If you use it for LDAP, what happens when an unauthenticated user tries to access OsT?
  • Unauthenticated users get authenticated and logged in. If they don't have an account yet, osTicket creates automatically an account and logs the user in afterwards. But that depends on the osTicket registration settings, so when we would change them I guess the users to then get an access denied and users will stay unauthenticated.

    You could try to call the login.php in the background (we do this) so when the user then is at the web portal and logged in (or not, based on the result). This way with a little PHP page that calls the login.php in background via java script and then redirects to the web portal of osTicket we save our users 1 click since they are already signed in when they see the osTicket web portal.

    So maybe that way you could try to figure out something that way. I know pretty vague, but give it a try.
  • Tks for the hint. But I don't think it's applicable.
    I already have a module that if a user is authenticated in the "portal" he gets authenticated in OsTicket (and it handles both users and agents, depending on group membership -- but I didn't yet test agent-deprovisioning).
    The problem is when a user is not authenticated in the "portal" and tries to access OsTicket directly (maybe via a link in the mail): he gets the ost-login page instead of being redirected to the portal page (because I don't know the ost-specific correct way to redirect from my module...).
    Hope this better explains what I'm looking for.
  • Okay sounds like you need to check authentication status first (maybe via web server settings / rules) and if not authenticated direct the user first to your portal for login and after login redirect to the osTicket page that shall be opened.

    I'm almost sure that it's possible but you surely need time and research to get it working that way. But that would be my approach to check via some web server settings/rules or redirection page if the user is already authenticated or not.
  • @DiegoZuccato  I have been try to use  http passthru authentication plugin without LDAP, I just need when I was login in my Own app go to osticket logged too , so I saw you did it, can you help me please 

    thanks in advance 
Sign In or Register to comment.