[rt-users] Auto Login Link in autoreply with password

Codatel Lists lists at codatel.com.au
Mon Aug 30 08:19:50 EDT 2010


what do you mean by parse it through john?

On 30/08/2010, at 10:12 PM, Torsten Brumm wrote:

Damn, you are right, for users with a password this will not work.

Hmmm, possibly other guys have better ideas....parse it through john and then you have it plain text :-(

2010/8/30 Codatel Lists <lists at codatel.com.au<mailto:lists at codatel.com.au>>
This is what the RT replied back to me in the email

http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=

there was no password


FYI the Auto generation script has no effect here as the requestor is an existing email address

so the

{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$pass}

line is outside the password auto genrating script.

I believe the $pass parameter has something to do with the script but it is not being understood as the line I used is not within that part of the script.





On 30/08/2010, at 7:48 PM, Torsten Brumm wrote:

OK, the mail sent out, does it have the password posted?

Is this the correct link you created?
http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=

Or like this?
http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=$pass

??
2010/8/30 Codatel Lists <lists at codatel.com.au<mailto:lists at codatel.com.au>>
I have tried that and I get the following result.

The password is blank

http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=

On 30/08/2010, at 7:38 PM, Torsten Brumm wrote:

Hi,
looks like we didn't talked about the same...

You like to do this:

{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}

No idea what is stored here: $Transaction->CreatorObj->__Value('Password' but from the output you sent, it looks like the md5 of the password:

You should try this:

{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$pass}

inside $pass you sent out the plain text password and i think, the login method with the link will also have the plaintext pass.

Torsten
2010/8/29 Codatel Lists <lists at codatel.com.au<mailto:lists at codatel.com.au>>
I am trying to setup my autoreply so that it has a direct link for the requestor to click and he can be logged straight into the RT.
I am new to the eco system and have been playing around with it over the past few days.
Ive hit a roadblock and am hoping someone can help me out.

I have inserted the following into the autoreply template

{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}


It almost works perfectly except for the fact that the password actually goes out encrypted and is pretty useless.

this is the link that the requestor gets back


http://rt.mydomain.com.au/ticket/SelfService/Display.html?id=138&user=requestor@email.com&pass=091128365216c001205810ed3po175fb<http://rt.mydoman.com/ticket/SelfService/Display.html?id=138&user=requestor@email.com&pass=091128365216c001205810ed3po175fb>



Below is my entire template.


Can someone please let me know how I am able to send a clickable link with every autoreply that will take the requestor straight to the ticket on the web.

Subject: AutoReply: {$Ticket->Subject}


Greetings,

This message has been automatically generated in response to the
creation of a helpdesk call:

        "{$Ticket->Subject()}",

a summary of which appears below.

There is no need to reply to this message right now. Your ticket has been
 assigned an ID of [{$rtname} #{$Ticket->id()}]. Please include this string
in the subject line of all future correspondence about this issue.

{
*RT::User::GenerateRandomNextChar = \&RT::User::_GenerateRandomNextChar;


if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
    (!$Transaction->CreatorObj->Privileged) &&
    ($Transaction->CreatorObj->__Value('Password') eq '*NO-PASSWORD*')
    ) {



        my $user = RT::User->new($RT::SystemUser);
        $user->Load($Transaction->CreatorObj->Id);
        my ($stat, $pass) = $user->SetRandomPassword();



        if (!$stat) {
                $OUT .=

"An internal error has occurred. RT was not able to set a password for you.
Please contact your local RT administrator for assistance.";


        }


$OUT .= "
You can check the current status and history of your requests at:


        ".$RT::WebURL."


When prompted, enter the following username and password:


        Username: ".$user->Name."
        Password: ".$pass."

";
}
}
{$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}

                        Thank you.
                        {$Ticket->QueueObj->CorrespondAddress()}


-------------------------------------------------------------------------
{$Transaction->Content()}


RT Training in Washington DC, USA on Oct 25 & 26 2010
Last one this year -- Learn how to get the most out of RT!



--
MFG

Torsten Brumm

http://www.brumm.me<http://www.brumm.me/>
http://www.elektrofeld.de<http://www.elektrofeld.de/>




--
MFG

Torsten Brumm

http://www.brumm.me<http://www.brumm.me/>
http://www.elektrofeld.de<http://www.elektrofeld.de/>




--
MFG

Torsten Brumm

http://www.brumm.me<http://www.brumm.me/>
http://www.elektrofeld.de<http://www.elektrofeld.de/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100830/a2fff5b2/attachment.htm>


More information about the rt-users mailing list