Self-Introduction: David Lawrence

Dave Lawrence dkl at
Tue Sep 11 20:40:31 UTC 2007

No, but that does look promising for when we go to 3.x. Currently we 
just have the
external applications use their respective xmlrpc client to connect to 
bugzilla.login($username, $password)
which simply auths the user and then returns the same cookies that would 
be returned if using the
web UI. The calling client caches these cookies or passes them on to the 
browser connecting
to the external app. Then when the user connects again to the external 
app, it gets the login cookies,
remaps the domain to the Bugzilla server's and calls bugzilla.login() 
again (minus any parameters)
which will use the passed cookies. Or they can call any other xmlrpc 
method that is exported
using the cookies instead of passing in a username and password.


Jochen Wiedmann wrote:
> On 9/11/07, Dave Lawrence <dkl at> wrote:
>> Bugzilla communicate with their tracking tools. Many of our internal
>> applications also communicate with Bugzilla for single sign on
>> authentication.
> May I ask, whether you've got something better than mod_authn_bugzilla
> (see bug 392482)? If so, are you interested in sharing it?
> Thanks,
> Jochen

David Lawrence, RHCE  dkl at
Red Hat, Inc.    Web:
1801 Varsity Drive Raleigh, NC 27606

More information about the developers mailing list