[CORE-34] Allow individual users to authenticate via database when the hive params indicate NTLM authentication - i2b2 JIRA

Details

Type: Improvement
Status: Closed
Priority: Trivial
Resolution: Won't Fix
Affects Version/s: 1.6.00-RC1
Fix Version/s: 1.6.00
Component/s: PM Cell
Labels:
None
Environment:
those using windows and NTLM.

Description

Hi,
A minor change in the PM class ServicesHandler in the method validateSuppliedPassword(...) would allow administrators to set up PM to generally validate users with NTLM (via pm_hive_params settings) and a few users to validate with database password (via pm_user_params).
The few users would likely be any special i2b2 accounts that sites don't want to have to put into their LDAP/AD systems (like the obfuscated service account). This could benefit sites that have larger user bases.

This would reduce the amount of configuration some sites need to perform. This would make i2b2's authentication system symmetrical and not care whether the admin wants to default to database or NTLM and have a few users do the opposite.

The change in validateSuppliedPassword(...) would be in the NLTLM branch to see if the user has pm_user_params and if so, to use them to authenticate rather than assuming NTLM as that branch currently does.

This suggestion comes out of the "Active Directory and i2b2 1.5" thread in the members.i2b2aug.org mailing list.

Thanks for listening.

Attachments

Activity

Janice Donahoe added a comment - 28/May/14 3:20 PM

Can set by specifying that user with the param of authentication_type=password

Janice Donahoe added a comment - 28/May/14 3:20 PM Can set by specifying that user with the param of authentication_type=password

People

Assignee:: Mike Mendis

Reporter:: Walter Knesel

Participant/s:: Janice Donahoe, Mike Mendis, Walter Knesel

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Dec/10 2:30 PM

Updated:: 05/Jun/14 5:28 PM

Resolved:: 28/May/14 3:20 PM

i2b2 Core Software