<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:p="urn:schemas-microsoft-com:office:powerpoint" xmlns:a="urn:schemas-microsoft-com:office:access" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:s="uuid:BDC6E3F0-6DA3-11d1-A2A3-00AA00C14882" xmlns:rs="urn:schemas-microsoft-com:rowset" xmlns:z="#RowsetSchema" xmlns:b="urn:schemas-microsoft-com:office:publisher" xmlns:ss="urn:schemas-microsoft-com:office:spreadsheet" xmlns:c="urn:schemas-microsoft-com:office:component:spreadsheet" xmlns:oa="urn:schemas-microsoft-com:office:activation" xmlns:html="http://www.w3.org/TR/REC-html40" xmlns:q="http://schemas.xmlsoap.org/soap/envelope/" xmlns:D="DAV:" xmlns:x2="http://schemas.microsoft.com/office/excel/2003/xml" xmlns:ois="http://schemas.microsoft.com/sharepoint/soap/ois/" xmlns:dir="http://schemas.microsoft.com/sharepoint/soap/directory/" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:dsp="http://schemas.microsoft.com/sharepoint/dsp" xmlns:udc="http://schemas.microsoft.com/data/udc" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:sub="http://schemas.microsoft.com/sharepoint/soap/2002/1/alerts/" xmlns:ec="http://www.w3.org/2001/04/xmlenc#" xmlns:sp="http://schemas.microsoft.com/sharepoint/" xmlns:sps="http://schemas.microsoft.com/sharepoint/soap/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:udcxf="http://schemas.microsoft.com/data/udc/xmlfile" xmlns:wf="http://schemas.microsoft.com/sharepoint/soap/workflow/" xmlns:mver="http://schemas.openxmlformats.org/markup-compatibility/2006" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns:mrels="http://schemas.openxmlformats.org/package/2006/relationships" xmlns:ex12t="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:ex12m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:Z="urn:schemas-microsoft-com:" xmlns:st="�" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-CA link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal style='text-indent:36.0pt'>Ok, after playing around for a
while more I am at a state where it appears pubcookie detects that I have no
cookie, redirects me to the login server, cookie is set, browser is redirected
back to my rt server, pubcookie can see a session cookie and then I get dropped
to the rt login page. It seems rt is mangling something once I get
redirected back (perhaps due to me mangling something in config). Debian
etch, apache2, mod_fastcgi, rt 3.8.0<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>First is there a page inside RT I
can look at to see what it thinks the Apache Variables being presented
are? When I go to a test-site the authentication sets up the REMOTE_USER
as I expect but I want to be sure in this site it is correct. <o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>Second I include my Virtualhost
config and RT_Siteconfig for scrutiny/mocking. <span style='font-family:
Wingdings'>J</span><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><VirtualHost *:443><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
ServerAdmin nos@ualberta.ca<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
ServerName myfqdn.com<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
ErrorLog /var/log/apache2/nosticket-error<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
CustomLog /var/log/apache2/nosticket-access_log common<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
LogLevel debug<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
SSLEngine on<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
SSLCertificateFile /etc/ssl/certs/myfqdn.com.crt<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
SSLCertificateKeyFile /etc/ssl/private/myfqdn.com.key<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
DocumentRoot /usr/local/encap/rt-3.8.0/share/rt3/html<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieGrantingCertFile /usr/local/pubcookie/keys/pubcookie-granting.cert<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieSessionKeyFile /etc/ssl/private/server.key<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieSessionCertFile /etc/ssl/certs/nosticket.crt<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieKeyDir /usr/local/pubcookie/keys/<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieLogin https://weblogin.mydomain.com/<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieLoginMethod POST<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
PubcookieAuthTypeNames NETID<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'> PubCookiePostURL
/index.html<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AddHandler fastcgi-script fcgi<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
ScriptAlias / /usr/local/encap/rt-3.8.0/bin/mason_handler.fcgi/<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
<Directory "/"><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
Options FollowSymLinks<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AllowOverride AuthConfig<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
</Directory><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
<Directory "/usr/local/encap/rt-3.8.0/share/rt3/html"><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
Options Indexes FollowSymLinks MultiViews<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AllowOverride AuthConfig<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AuthType NETID<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
Require group NetOps<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AuthGroupFile
/etc/apache2/sites-available/nos-groupfile<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
</Directory><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
<Location /*><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AddDefaultCharset UTF-8<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
SetHandler fastcgi-script<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AuthType NETID<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AuthName NetOpsRT<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
Require group NetOps<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AuthGroupFile /etc/apache2/sites-available/nos-groupfile<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
</Location><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
<Location /NoAuth ><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
satisfy any<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
AuthType none<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
order deny,allow<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
allow from all<o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'>
</Location><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'></VirtualHost><o:p></o:p></p>
<p class=MsoNormal style='text-indent:36.0pt'><o:p> </o:p></p>
<p class=MsoNormal> <o:p></o:p></p>
<p class=MsoNormal>RT_Siteconfig<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Set($rtname , "myrtname");<o:p></o:p></p>
<p class=MsoNormal>Set($Organization , "myorg");<o:p></o:p></p>
<p class=MsoNormal>Set($Timezone , 'Canada/Mountain');<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Set($DatabaseHost , 'mydbfqdn.com');<o:p></o:p></p>
<p class=MsoNormal>Set($DatabaseUser , 'nos');<o:p></o:p></p>
<p class=MsoNormal>Set($DatabasePassword , 'rtsucks');<o:p></o:p></p>
<p class=MsoNormal>Set($DatabaseName , 'nosticket');<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Set($OwnerEmail , 'richmond@ualberta.ca');<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Set($WebBaseURL, 'https://myfqdn.com’);<o:p></o:p></p>
<p class=MsoNormal>Set($WebPort, '443');<o:p></o:p></p>
<p class=MsoNormal>Set($WebImagesURL, $WebURL.'/NoAuth/images/');<o:p></o:p></p>
<p class=MsoNormal>Set($WebSecureCookies, 1);<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Set($LogToSyslog , undef);<o:p></o:p></p>
<p class=MsoNormal>Set($LogToScreen , 'error');<o:p></o:p></p>
<p class=MsoNormal>Set($LogToFile , 'debug');<o:p></o:p></p>
<p class=MsoNormal>Set($LogDir, '/var/log/rt3');<o:p></o:p></p>
<p class=MsoNormal>Set($LogToFileNamed , "rt.log");
#log to rt.log<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Set($WebExternalAuth , 1);<o:p></o:p></p>
<p class=MsoNormal>Set($WebFallbackToInternalAuth, true);<o:p></o:p></p>
<p class=MsoNormal>Set($WebExternalAuto, 0);<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>1;<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>--<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>--<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>Raymond
Richmond phone:(780)492-9327<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>Team
Lead, Network Operations Group fax:(780)492-1729<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>AICT
email:raymond.richmond@ualberta.ca<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>103A
General Services Building<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>Edmonton,
Alberta<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>Canada
T6G 2H1<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>Omnia
mutantur nihil interit<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'><o:p> </o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>This
communication is intended for the use of the recipient to which it is
addressed, and may contain confidential, personal, and/or privileged
information. Please contact us immediately if you are not the intended
recipient of this communication. If you are not the intended recipient of
this communication, do not copy, distribute, or take action on it.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:10.5pt;font-family:Consolas'>Any
communication received in error, or subsequent reply, should be deleted or
destroyed.<o:p></o:p></span></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</body>
</html>