PyAuthenNTLM2 icon indicating copy to clipboard operation
PyAuthenNTLM2 copied to clipboard
verified publisher icon Legrandin

It should be possible to include domain in the user identifier

Open Legrandin opened this issue 13 years ago • 2 comments

Right now, only the user's account name is put into the REMOTE_USER variable, and passed to the underlying application.

It would be nice if there was an option that allowed REMOTE_USER to also include the domain name.

For instance, let's say we have the domain WINDOM and a user John Doe with account name jdoe. Today, after authentication, the application behind Apache will display 'jdoe'. In some cases, it is preferable to have 'WINDOM\jdoe'.

Legrandin avatar May 15 '12 08:05 Legrandin

Whoever wants to have username as 'domain\user' needs to change PyAuthenNTLM2-2.2/pyntlm.py:

  1. line #326 from 'req.user = user' to 'req.user = domain + '\' + user'
  2. line #333 from 'req.connection.notes.add('NTLM_AUTHORIZED',user)' to 'req.connection.notes.add('NTLM_AUTHORIZED',domain + '\' + user)'

Regards, Artur

ojkoorde avatar Sep 03 '12 10:09 ojkoorde

I added a specific option called NameFmt so that one can choose to have only the user name or the logon name in REMOTE_USER.

https://github.com/Legrandin/PyAuthenNTLM2/commit/9595b273c9b2b8a53cef7cfe4dfdb78718d681cc https://github.com/Legrandin/PyAuthenNTLM2/commit/20d6356cc8b22ed96b149f39d2a8bdd8901a83e8 https://github.com/Legrandin/PyAuthenNTLM2/commit/2b6053d35a8f121e9a69b7582dcdd8fb72b46d13

Legrandin avatar Sep 25 '12 06:09 Legrandin