I'm currently running Mantis 1.1.5, and looking to upgrade to Mantis 1.2.3, however I can't find a solution to a problem regarding multiple authentication methods.
In our 1.1.5 installation, we've modified core files to first authenticate against LDAP, and if no record is found, to retry authentication against the local Mantis database. Why? We're a web development company, and although we want our developers to authenticate against their Active Directory accounts, we also interact with our clients using Mantis. Clients are given local Mantis account only, and do not have LDAP access. Of course the annoying part is that we've hacked the core of Mantis, and haven't upgraded because we want to stop that practice.
Is there a way in Mantis 1.2.x to have mixed authentication; or to at least have Mantis fall back onto local authentication if LDAP returns no record? I'm pretty sure there isn't, since any tools for "lost password" are disabled automatically when LDAP is set.
Failing that, is there a way to have Mantis use LDAP against either two different DNs, or multiple LDAP servers?
My rationale is that our IT department is throwing up flags about giving client AD accounts, which I can understand, yet our clients still need access. So if we can find a way to either keep them out of AD, or at least put them on a separate LDAP server, we won't have to deal with that red tape.
LDAP and Local Authentication
Moderators: Developer, Contributor