[rt-users] RT4.0.1 ExternalAuth and SSO
declaya
chocoboselphie at gmx.de
Mon Sep 19 04:51:45 EDT 2011
Hi all,
my RT installation is just a little step away from being absolutely perfect.
I'm currently trying to get a single sign-on behavior for all users in our
network.
Until now, ExternalAuth is working fine, all users can log in with their
credentials, they are recognized in our AD. My problem now is the SSO
config. I have no idea what I have to set in the RT_SiteConfig.pm.
As far as now my config looks like this:
# An example SSO cookie service
'My_SSO_Cookie' => { # # The type of
service (db/ldap/cookie)
'type'
=> 'cookie',
'name'
=> '####', (commented out)
'u_table'
=> 'Users',
# The username field
in the users table
'u_field'
=> 'Name',
'u_match_key'
=> 'id',
This is the part where I don't know what to write in:
# The cookies table
'c_table'
=> 'login_cookie',
# The field that
stores cookie values
'c_field'
=> 'loginCookieValue',
# The field in the
cookies table that uniquely identifies a user
# and also exists in
the users table
'c_match_key'
=> 'loginCookieUserID',
# The DB service in
this configuration to use to lookup the cookie information
'db_service_name'
=> 'My_MySQL'
}
}
So now my question is: Where can I find out how the table, field and the
match key of the cookie is called? Or is this a misunderstanding from my
side?
Do I have to make a cookie by myself? I think I can use the cookie I get
when visiting the RT interface, don't I?
The log file says that ExternalAuth is able to find the cookie, but then it
fails to authenticate ("No user was authenticated by browser cookie. SSO
failed and no user to test with."). I think this comes from the wrong config
so that ExternalAuth tries to read but fails because of the wrong table name
and/or field and match key.
If I look at the cookie, it only contains a hash value. Maybe there is also
something wrong with the cookie itself.
Thanks in advance for your help!
PS: Another (small, compared to the problem above) problem: Is the value for
'd_field' that has to be specified for ExternalAuth to connect to the MySQL
database of RT4.0.1 still there? I had trouble to find it and thus I
commented it out. It still works, but it would be nice to know how it is
called now. Thank you. :)
--
View this message in context: http://old.nabble.com/RT4.0.1-ExternalAuth-and-SSO-tp32478912p32478912.html
Sent from the Request Tracker - User mailing list archive at Nabble.com.
More information about the rt-users
mailing list