auth delegation


i have used bugzilla for many open source projects in the past (gentoo, systemd,
kernel to name a few) and now, working at an ip-telephony/ISP, i'm looking into
deploying bugzilla as our tracking system. here are the initial question i have.

i have 2 questions now.

share your experience please:
my first questions is, has anyone done something similar here? any pitfalls to
watch out for?

question of authentication:
we don't use ldap. we already have a web portal and http authentication in place
for our clients. we use postgres for our database needs. ideally i would want
users to be able to authenticate with existing credentials. in that ideal world,
bugzilla would ask us for credibility of the user and if it gets the go ahead
then it logins the user in the following way. if a *local-user* exist for this
*remote-user* then business as usual, load local-user's profile and proceed. if
not then a *local-user* will be created and its profile will be used next time
they are let in. in this scheme, bugzilla never authenticates users, it always
asks us for authentication.
my question is, is this possible? if not, can it be implemented via the REST
api? i'm not a perl programmer (if such a thing exist) and mostly write in C and
recently have done lots of php here; modifying perl however is not the end of
the world of course.

i have seen the 'auth delegation' and api key section of docs but i'm not clear
if that will do what i explained above. it looks to me that api key is for using
the credentials of users with bugzilla to query bugzilla from some 3rd-party
application. do i have that right?

	-- jrun
11/14/2017 7:44:21 PM 9993 articles. 0 followers. Post Follow

0 Replies

Similar Articles

[PageSpeed] 31