[Rt-devel] [PATCH] Add external hooks to IsPassword() and SetPassword()

Petter Reinholdtsen pere at hungry.com
Tue Aug 31 03:18:54 EDT 2004


[Petter Reinholdtsen]
> Anyway, by making sure the hook provided in LookupExternalUserInfo()
> is used in the code, it is easier to add ones own synchronizing code
> for LDAP, and it should make it easier to implement your idea of
> making this configurable using RTx::Authen.
>
> Here is the complete patch to enable this.  I've tested it at our test
> installation of RT.

Of course, LDAP synchronizing is not complete unless one can use LDAP
to authenticate users in LDAP, while leaving it to RT to authenticate
the users not present in LDAP.

Here is a patch to add hooks in the right places for external password
handling.

 - One hook in RT::User::IsPassword() to call a new
   IsPasswordExternal() in the proper place.  This make it possible to
   add LDAP support by overriding IsPasswordExternal() only, and
   removed the need to copy the code in IsPassword() just add two
   lines to it.

 - Similar hook in RT::User::SetPassword() to call
   SetPasswordExternal().

Please include this patch in a future version of RT, or let me know if
there is something with the patch making it unfit for inclusion in the
official source.

Index: lib/RT/User_Overlay.pm
===================================================================
--- lib/RT/User_Overlay.pm	(revision 1376)
+++ lib/RT/User_Overlay.pm	(working copy)
@@ -1001,6 +1058,28 @@
 
 # }}}
 
+# {{{ sub SetPasswordExternal
+
+=head2 SetPasswordExternal
+
+Takes a string, and try to set this string as the users password in an
+external system, if the user is listed in the external system.
+
+Returns 1 if the password was set successfully, undef if it failed,
+and -1 if the user is unknown to the external system.
+
+This hook is called from SetPassword.
+
+=cut
+
+sub SetPasswordExternal {
+    my $self     = shift;
+    my $password = shift;
+    return ( -1, $self->loc("No external users") );
+}
+
+# }}}
+
 # {{{ sub SetPassword
 
 =head2 SetPassword
@@ -1018,6 +1097,9 @@
         return ( 0, $self->loc('Permission Denied') );
     }
 
+    my ($code, $msg) = $self->SetPasswordExternal($password);
+    return ($code, $msg) unless (-1 == $code);
+
     if ( !$password ) {
         return ( 0, $self->loc("No password set") );
     }
@@ -1066,6 +1148,27 @@
 
 # }}}
 
+# {{{ sub IsPasswordExternal
+
+=head2 IsPasswordExternal
+
+Returns true if the passed in value is this user's password.  Return
+undef if the password don't match.  Return -1 if the user is unknown
+in the external system.
+
+This hook is called from IsPassword.
+
+=cut
+
+sub IsPasswordExternal {
+    my $self  = shift;
+    my $value = shift;
+
+    return ( -1, $self->loc("No external users") );
+}
+
+# }}}
+
 # {{{ sub IsPassword 
 
 =head2 IsPassword
@@ -1097,6 +1200,9 @@
         return(undef);
      }
 
+    my $code = $self->IsPasswordExternal($value);
+    return ($code) unless (-1 == $code);
+
     # generate an md5 password 
     if ($self->_GeneratePassword($value) eq $self->__Value('Password')) {
         return(1);


More information about the Rt-devel mailing list