[rt-users] 3.8.6: WritableAttributes error in Web.pm's AttemptExternalAuth

Kevin Falcone falcone at bestpractical.com
Tue Dec 1 10:09:28 EST 2009


On Tue, Dec 01, 2009 at 11:33:22AM +0000, Philip Shore wrote:
>    Thanks for the quick response.  That patch does indeed fix the error and now I can see the
>    self service interface after authenticating.

Great, thanks for testing.  I'll commit that to the tree later today.

>    Re, our config.  I have attached the complete config in case you would like to provide any
>    words of wisdom.
> 
>    We are using a custom apache single sign on module that puts the users id into remote_user
>    then we auto create the user after lookup their name, email address etc from an ldap source
>    which I guess is the old handler.  I am taking a look at  RT::Authen::ExternalAuth  to see if
>    it  would be a better solution for us.

I don't immediately recognize the module you're using, but my guess is
that it is indeed a precursor to RT::Authen::ExternalAuth.  RAE can
run in info-only mode (rather than auth + info) and is a more modern
way of doing the integration.  I don't know enough about how you're
doing your apache auth to say if RAE makes sense as an auth source.
It may be worth playing with on a test system.

-kevin

> 
>  On Mon, Nov 30, 2009 at 06:38:14PM +0000, Philip Shore wrote:
> 
> 
>  I am trying to upgrade our 3.6.5 RT instance to 3.8.6 and I am getting
>  an error at the point of first log on.
> 
>  There is new code in RT 3.8.6 that wasn't present in 3.8.5 that is
>  throwing an error for me:
> 
> 
>  I'd be interested to know if the untested attached patch fixes the
>  issue you're seeing.
> 
>  Your siteconfig is also really odd, it isn't clear to me if you're
>  using all in-house config, or some mix of apache auth and
>  RT-Authen-ExternalAuth or the much older ldap handler.
> 
>  -kevin
> 
> 
> 
>  error:       Can't locate object method "WritableAttributes" via package
>  "pms52" (perhaps you forgot to
>  load "pms52"?) at /opt/rt3/bin/../lib/RT/Interface/Web.pm line 367,
>  <DATA> line 276.
>  context:
>  ...
>  363:      # now get user specific information, to better create our user.
>  364:      my $new_user_info =
>  RT::Interface::Web::WebExternalAutoInfo($user);
>  365:
>  366:      # set the attributes that have been defined.
>  367:      foreach my $attribute ( $user->WritableAttributes ) {
>  368:      $m->callback(
>  369:      Attribute => $attribute,
>  370:      User => $user,
>  371:      UserInfo => $new_user_info,
>  ...
>  code stack:
>  /opt/rt3/bin/../lib/RT/Interface/Web.pm:367
>  /opt/rt3/bin/../lib/RT/Interface/Web.pm:197
>  /opt/rt3/share/html/autohandler:53
> 
> 
>  I have RT configured to use WebExternalAuto, and so have an Apache
>  module providing the userid via REMOTE_USER and user info collected via
>  ldap.  I logon with username "pms52" which appears in the error. I can
>  also see in the rt log that it has successfully retrieved my information
>  from our ldap server.
> 
>  I am not a perl programmer but it looks to me like the RT code at line
>  367 is expecting a database object but has a String instead.
> 
>  The AttemptExternalAuth subrouting is new in RT 3.8.6.  Is there
>  something I have not configured correctly or is there a bug ?  I have
>  pasted what I think are the relevant parts of our RT_SiteConfig below.
> 
>  Many thanks,
>  Philip Shore.
> 
> 
>  Set($AuthMethods, ['Internal']);
> 
>  Set($WebExternalAuth , 1);
>  Set($WebExternalAuto , 1);
>  Set($AutoCreate, { Privileged => 0 } );
> 
>  Set($LdapExternalInfo, 1);
>  Set($LdapAutoCreateNonLdapUsers, 1);
>  Set($LdapAttrMap, {'Name' => 'uid',
>                     'EmailAddress' => 'mail',
>                     'Organization' => 'instID',
>                     'RealName' => 'displayName',
>                     'NickName' => 'title',
>                     'ExternalContactInfoId' => 'mailAlternative',
>                     'ExternalAuthId' => 'uid',
>                     'Gecos' => 'uid',
>                     'WorkPhone' => 'telephoneNumber',
>                     'Address1' => 'postalAddress',
>                     'Address2' => 'postalAddress'}
>  );
> 
> 
>  _______________________________________________
>  [1]http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> 
>  Community help: [2]http://wiki.bestpractical.com
>  Commercial support: [3]sales at bestpractical.com
> 
> 
>  Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>  Buy a copy at [4]http://rtbook.bestpractical.com
> 
> 
> 
> 
>         ------------------------------------------------------------------------------------
> 
>  _______________________________________________
>  [5]http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> 
>  Community help: [6]http://wiki.bestpractical.com
>  Commercial support: [7]sales at bestpractical.com
> 
> 
>  Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>  Buy a copy at [8]http://rtbook.bestpractical.com
> 
> References
> 
>    Visible links
>    1. http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>    2. http://wiki.bestpractical.com/
>    3. mailto:sales at bestpractical.com
>    4. http://rtbook.bestpractical.com/
>    5. http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>    6. http://wiki.bestpractical.com/
>    7. mailto:sales at bestpractical.com
>    8. http://rtbook.bestpractical.com/


> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
> 
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
> 
> 
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. 
> Buy a copy at http://rtbook.bestpractical.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20091201/075475c3/attachment.sig>


More information about the rt-users mailing list