[rt-users] ExternalAuth doesn't work

Jason Ledford jledford at biltmore.com
Thu Mar 3 10:25:00 EST 2011


Did you configure the plugin to load and does RT show it being loaded, and has apache been restarted?  Here are my 2 config files, RT-authen first:

Set($ExternalAuthPriority,  [   'My_LDAP',
                                'My_MySQL',
                                'My_SSO_Cookie'
                            ]
);


Set($ExternalInfoPriority,  [   'My_LDAP',
                                'My_MySQL'
                            ]
);


Set($ExternalServiceUsesSSLorTLS,    0);

Set($AutoCreateNonExternalUsers,    1);


Set($ExternalSettings,      {   # AN EXAMPLE DB SERVICE
                                # AN EXAMPLE LDAP SERVICE
                                'My_LDAP'       =>  {   ## GENERIC SECTION
                                                        # The type of service (db/ldap/cookie) 
                                                        'type'                      =>  'ldap',
                                                        'server'                    =>  'dc.example.com',
                                                        'user'                      =>  'user at example.com',
                                                        'pass'                    =>  'FUB28tra',
                                                        'base'                      =>  'ou=Departments,dc=domain,dc=example,dc=com',
                                                        'filter'                    =>  '(objectClass=*)',
                                                        'd_filter'                  =>  '(userAccountControl=514)',
                                                        'tls'                       =>  0,
                                                        'ssl_version'               =>  3,
                                                        'net_ldap_args'             => [    version =>  3   ],
                                                        'attr_match_list'           => [    'Name',
                                                                                            'EmailAddress', 
                                                                                            'RealName',
                                                                                            'WorkPhone' 
                                                                                        ],
                                                        'attr_map'                  =>  {   'Name' => 'sAMAccountName',
                                                                                            'EmailAddress' => 'mail',
                                                                                            'Organization' => 'department',
                                                                                            'RealName' => 'cn',
                                                                                            'ExternalAuthId' => 'sAMAccountName',
                                                                                            'Gecos' => 'sAMAccountName',
                                                                                            'WorkPhone' => 'telephoneNumber',
                                                                                        }
                                                    }
                                }
);

1;

******************************************************************************************************
Now my site config
******************************************************************************************************** 
# Any configuration directives you include  here will override 
# RT's default configuration file, RT_Config.pm
#
# To include a directive here, just copy the equivalent statement
# from RT_Config.pm and change the value. We've included a single
# sample value below.
#
# This file is actually a perl module, so you can include valid
# perl code, as well.
#
# The converse is also true, if this file isn't valid perl, you're
# going to run into trouble. To check your SiteConfig file, use
# this comamnd:
#
#   perl -c /path/to/your/etc/RT_SiteConfig.pm

Set( $rtname, 'myserver.example.com');
Set($Organization, 'example.com');
Set($CorrespondAddress , 'esworkorder at example.com');
Set($CommentAddress , 'escomment at example.com');
Set($Timezone, "EST"); # obviously choose what suits you

Set($DatabaseUser , 'rt123');
Set($DatabasePassword , 'rt123');
Set($DatabaseName , 'cdc124asv_rt'); # Ensure this is set to rt3!
Set($DatabaseHost, 'mysql.example.com');

Set($WebPath , "/rt");
Set($WebBaseURL , "http://myserver.example.com");


require "/opt/rt3/local/plugins/RT-Authen-ExternalAuth/etc/RT_SiteConfig.pm";
Set(@Plugins, (qw(RT::Extension::MobileUI RT::Extension::LDAPImport RT::Authen::ExternalAuth)));

#Set(@Plugins,(qw(Extension::QuickDelete RT::FM)));
Set($LDAPHost,'dc.example.com');
Set($LDAPUser, 'user at example.com');
Set($LDAPPassword, 'pass');
Set($LDAPBase, 'OU=departments,dc=domain,dc=example,dc=com');
Set($LDAPFilter, '(&(objectClass=user)(objectClass=*))');
Set($LDAPMapping, {Name         => 'sAMAccountName',
                    EmailAddress => 'mail',
                    RealName     => 'cn',
                    MobilePhone  => 'mobile',
                    WorkPhone    => 'telephoneNumber',
                    Organization => 'department',
		    FreeformContactInfo => 'title'});
Set($LDAPUpdateUsers,1);


1;

******************************

-----Original Message-----
From: rt-users-bounces at lists.bestpractical.com [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf Of Robert Wysocki
Sent: Thursday, March 03, 2011 10:18 AM
To: rt-users at lists.bestpractical.com
Subject: Re: [rt-users] ExternalAuth doesn't work

Dnia 2011-03-03, czw o godzinie 16:05 +0100, Robert Wysocki pisze:
> Dnia 2011-03-03, czw o godzinie 10:00 -0500, Thomas Sibley pisze:
> > What RT and ExternalAuth versions are you running?  ExternalAuth 
> > 0.08 doesn't work with RT 3.8.9.  There's a development version of 
> > ExternalAuth 0.08_01, which users have reported fixes the problem.
> > 
> > http://search.cpan.org/~falcone/RT-Authen-ExternalAuth-0.08_01/
> 
> Thanks, I'll try it, I was struggling with 0.08.

Well, tcpdump still doesn't show any packets...
Can any of you with working installation of RT 3.8.9 and ExternalAuth paste your config? Maybe i've made some stupid mistake?

--
Robert



More information about the rt-users mailing list