Custom HTTP Authentication Module - how to authenticate each request?

Hi,

I want to run TeamCity behind a reverse proxy which handles authentication (including the user's session). The reverse proxy provides the user name with each HTTP request in a header field. Thus, I have written a custom HTTP authentication module according to:
https://confluence.jetbrains.com/display/TCD9/Custom+Authentication+Module#CustomAuthenticationModule-HTTPAuthenticationModule

I realized that not each request is going to pass the method processAuthenticationRequest. How would I achieve that?

Thanks and BR,
Lukas

3 comments
Comment actions Permalink

Hi Lukas,

If the server determines that authentication is necessary, the method should be called. Could you detail what TeamCity version you try this with and which requests are not handled?

In case you can find it helpful, here is a sample plugin implementing HTTP authentication: http://svn.jetbrains.org/teamcity/plugins/alternativeUserLogin/trunk/

0
Comment actions Permalink

Hi,

thanks for your response. I use version 9.0.3 build 32334 (latest release at the moment). My problem is that I don't want to have a "session in a session". If every HTTP request would pass the custom authentication module, there would be only one session (defined by the reverse proxy).

Another solution would be to completely disable the built-in authentication module. If I remove the default module from "auth-config.xml", the login form ist still available (/login.html) and it is possible to authenticate with user name and password :-(

0
Comment actions Permalink

Lukas,

Could you please detail the issue in more detail, possibly providing some example of the request pass through?

As to disabling the basic auth: at this time TeamCity falls back to built-in authentication if no autnentication modules are configured.
You can either prohibit users form changing passwords and set random password for them, or write one more authentication module which never logs users in and set is instead of built-in.

0

Please sign in to leave a comment.