[rt-devel] External User Authentication

seph seph at commerceflow.com
Tue Dec 3 16:53:41 EST 2002


Stanislav Sinyagin <ssinyagin at yahoo.com> writes:

> In order to keep the user management and password management 
> in one place, it would be nice to have the RT users authenticated 
> against those centralized databases. Also any other fields which  
> that database keeps, would be nice to re-use as well. 
> 
> here's a short concept of how that might be implemented in some 
> future. Critics, comments, skepticism are warmly welcome:

A reasonable goal, but I think your implementation may have data
integrity problems. RT needs to know who it's users are, and who they
were. a user is never deleted, because they appear in old tickets. In
a system where RT's users are remote objects, RT is dependent on the
remote database to keep it's users, most corporate employee databases
don't keep former employees in them usefully.

One solution is to let RT manage it's own users, as it does now, and
set up some sort of bulk user export. The user export would create RT
users for all other users, and set their information accordingly. You
could even do this fairly elegantly, by having users created on as
needed basis.

As for authentication, if you combine that, with apache's
authentication options, I think you have everything you need.

seph



More information about the Rt-devel mailing list