[Rt-devel] Patch to allow alternate REMOTE_USER variable for WebExternalAuth.

Thu Sep 24 17:37:25 EDT 2009

It's our intent that sites override WebCanonicalizeInfo locally (to do
something like what you have done). Because of that, I'm not sure it
makes a lot of sense to clutter that sub with options.

On Thu, Sep 24, 2009 at 03:08:09PM -0400, Jason A. Smith wrote:
> We are are testing WebAuth with RT and for it to work with
> WebExternalAuth, I needed to have RT look for a variable name different
> than the default REMOTE_USER.  Since Apache reserves REMOTE_USER for its
> own purposes, WebAuth cannot use that variable.  So, we have our WebAuth
> server set a different variable which contains the user's login name.
> The attached patch adds an additional config variable and changes the
> WebCanonicalizeInfo function to return the value of that variable, if
> specified, or the default REMOTE_USER if not set.
> 
> I tested this with our WebAuth server and rt-3.8.5.
> 
> ~Jason
> 
> 
> -- 
> /------------------------------------------------------------------\
> |  Jason A. Smith                          Email:  smithj4 at bnl.gov |
> |  Atlas Computing Facility, Bldg. 510M    Phone: +1-631-344-4226  |
> |  Brookhaven National Lab, P.O. Box 5000  Fax:   +1-631-344-7616  |
> |  Upton, NY 11973-5000,  U.S.A.                                   |
> \------------------------------------------------------------------/
> 

> diff -urN rt-3.8.5-dist/etc/RT_Config.pm rt-3.8.5/etc/RT_Config.pm
> --- rt-3.8.5-dist/etc/RT_Config.pm	2009-09-14 13:57:24.000000000 -0400
> +++ rt-3.8.5/etc/RT_Config.pm	2009-09-22 10:17:12.000000000 -0400
> @@ -975,6 +975,15 @@
>  
>  Set($WebExternalAuth, undef);
>  
> +=item C<$WebExternalAuthVarName>
> +
> +If C<$WebExternalAuthVarName> is defined, RT will use that environment
> +variable instead of the default REMOTE_USER.
> +
> +=cut
> +
> +Set($WebExternalAuthVarName, undef);
> +
>  =item C<$WebFallbackToInternalAuth>
>  
>  If C<$WebFallbackToInternalAuth> is defined, the user is allowed a chance
> diff -urN rt-3.8.5-dist/etc/RT_Config.pm.in rt-3.8.5/etc/RT_Config.pm.in
> --- rt-3.8.5-dist/etc/RT_Config.pm.in	2009-09-14 13:23:22.000000000 -0400
> +++ rt-3.8.5/etc/RT_Config.pm.in	2009-09-22 10:22:08.000000000 -0400
> @@ -975,6 +975,15 @@
>  
>  Set($WebExternalAuth, undef);
>  
> +=item C<$WebExternalAuthVarName>
> +
> +If C<$WebExternalAuthVarName> is defined, RT will use that environment
> +variable instead of the default REMOTE_USER.
> +
> +=cut
> +
> +Set($WebExternalAuthVarName, undef);
> +
>  =item C<$WebFallbackToInternalAuth>
>  
>  If C<$WebFallbackToInternalAuth> is defined, the user is allowed a chance
> diff -urN rt-3.8.5-dist/lib/RT/Interface/Web.pm rt-3.8.5/lib/RT/Interface/Web.pm
> --- rt-3.8.5-dist/lib/RT/Interface/Web.pm	2009-09-14 13:23:22.000000000 -0400
> +++ rt-3.8.5/lib/RT/Interface/Web.pm	2009-09-22 14:29:28.000000000 -0400
> @@ -123,7 +123,8 @@
>  =cut
>  
>  sub WebCanonicalizeInfo {
> -    return $ENV{'REMOTE_USER'}? lc $ENV{'REMOTE_USER'}: $ENV{'REMOTE_USER'};
> +    my $var = $RT::WebExternalAuthVarName ? $RT::WebExternalAuthVarName : 'REMOTE_USER';
> +    return $ENV{$var}? lc $ENV{$var}: $ENV{$var};
>  }
>  
>  # }}}

> _______________________________________________
> List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel

-- 