[rt-users] Authenticating other things against RT's user database

Fletch fletch+rt at phydeaux.org
Mon Apr 8 23:51:43 EDT 2002


        This is something I just hacked up (with a little help from
the excelent _mod_perl Developer's Cookbook_ since I haven't really
touched mod_perl in aeons now and was a tad rustier than I thought :)
that may be of interest to someone.


        The situation:

        I've just installed Nagios (http://www.nagios.org/), a web
based network monitoring application.  The guts of its interface are a
bunch of C (eeew :) CGI programs that can be password protected.  The
installation instructions tell you to setup the usual apache
AuthUserFile et al in an .htaccess file.  Since I've installed nagios
on the same machine as my RT instance and pretty much everyone who'd
be accessing it already had RT accounts, it made sense to not add yet
another password when RT was already there.

        Keep in mind that this is using Basic authentication, so you
probably don't want to be using it on something travelling over a
public network (or over anything other than an SSL connection for the
prudently paranoid).

        There's a small USAGE section at the bottom of the code.  If
you need more help than that, see the apache documentation such as:

http://httpd.apache.org/docs/howto/auth.html


--->8 Cut here 8<---
##
## RTAuth -- PerlAuthHandler for authenticating against RT's user list
##
## $Id$
##
package RTAuth;

use strict;

use DBI;
use Apache::Constants qw( OK AUTH_REQUIRED );

use RT ();
use RT::CurrentUser ();

sub handler {
  my $r = shift;

  my( $status, $pw ) = $r->get_basic_auth_pw;

  return $status unless $status == OK;

  RT::Init();

  my $u = RT::CurrentUser->new();
  unless( $u->Load($r->user) and $u->id() ) {
    $r->log_error( "RT::CurrentUser->Load failed: ", $r->user );
    return AUTH_REQUIRED;
  }

  return OK if $u->IsPassword( $pw );

  return AUTH_REQUIRED
}

1;

__END__

=head1 USAGE

Put something resembling the following in a C<<Location>> or
C<<Directory>>
section, or in a C<.htacess> file.

  PerlAuthenHandler RTAuth

  AuthName "RT Access"
  AuthType Basic
  Require valid-user

=head1 COPYING

Copyright 2002, Mike Fletcher.

This module may be distributed under the same terms as Perl.

=head1 AUTHOR

Mike Fletcher, <fletch at cpan.org>

=cut

--->8 Cut here 8<---


-- 
Fletch                | "If you find my answers frightening,       __`'/|
fletch at phydeaux.org   |  Vincent, you should cease askin'          \ o.O'
770 933-0600 x211(w)  |  scary questions." -- Jules                =(___)=
                      |                                               U




More information about the RT-Users mailing list