[Rt-devel] RT-LDAP Authentication Redux

Francisco Javier Martínez Martinez fjmartinez at csi.uned.es
Wed Feb 2 06:29:33 EST 2005


The previous mails, because of the answers, are becoming a mess, so I am 
going to redo the request:

- I have installed RT 3.2.2 on a Fedora 3 box, with Apache 2 and MySQL.
- I have an external LDAP server, which stores, among other fields, the mail 
addresses - passwords.
- I want RT to check users/passwords against the LDAP server 
directly, not delegating to Apache.
- The mail address is the UID in the LDAP :-).
- I have put the following lines in my RT_SiteConfig; there is no need to 
use passwords for binding to our internal LDAP:
Set($WebExternalAuth , undef);
$LDAPExternalAuth = 1;          # will enable LDAP-Auth
$LdapServer="ldap.mydomain.com";     # LDAP server for authentication
$LdapUser="";                   # user name for binding
$LdapPass="";                   # password for binding
$LdapBase="ou=Inte,dc=mydomain,dc=com";      # search base
$LdapUidAttr="uid";             # attribute for RT user name
$LdapFilter="(objectclass=*)";  # additional filter
- I have created (as a copy of Ruediger Riediger's one) a file for the LDAP 
overlay called User_Local.pm, as I had found in various requests. Following 
the recommendations of 
http://wiki.bestpractical.com/index.cgi?CleanlyCustomizeRT I have put this 
file in both paths, RTroot/local/lib/RT/ and RTroot/lib/RT.

- I have installed the CPAN modules Net::LDAP and Net::SSLeay. But we do not 
need TLS communications, at least for the moment.

After all this, RT seems to authenticate users against its own DB; there is 
no activity or communication between the RT server and the LDAP server.

My main questions are:

Is LDAP activated with the lines above? If yes, in which part of 
RT_SiteConfig should they live?
What should be the value of Set($WebExternalAuth (I wonder whether it should 
be undef)?
Where should User_Local.pm live, and with what attributes?
What about /usr/local/rt3/local/html/autohandler, should it be modified?
Is TLS communication mandatory for this authentication?

Thanks in advance, and mainly to Steve and Ruediger Riediger for their kind 
and quick answers.

Best regards.
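
The check the post wants RT to perform (find the user by uid, then verify the password against the directory) can be tried outside RT with Net::LDAP. The script below is an added example, not the User_Local.pm overlay or any code from the post; the helper name ldap_check_password and the command-line usage are assumptions, and the server, base, attribute and filter values are the ones from the RT_SiteConfig lines above.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Values taken from the RT_SiteConfig lines in the post.
my $LdapServer  = 'ldap.mydomain.com';
my $LdapBase    = 'ou=Inte,dc=mydomain,dc=com';
my $LdapUidAttr = 'uid';
my $LdapFilter  = '(objectclass=*)';

# Hypothetical helper: returns 1 if the directory accepts $user/$pass, else 0.
sub ldap_check_password {
    my ($user, $pass) = @_;

    # Many servers treat a simple bind with an empty password as an
    # unauthenticated bind that succeeds, so reject it before connecting.
    return 0 unless defined $user && length $user && defined $pass && length $pass;

    my $ldap = Net::LDAP->new($LdapServer, timeout => 10)
        or do { warn "connect to $LdapServer failed: $@\n"; return 0 };

    # No start_tls, matching the post: the password crosses the network in
    # clear text. Anonymous bind, because $LdapUser/$LdapPass are empty.
    my $mesg = $ldap->bind;
    if ($mesg->code) { warn "anonymous bind: ", $mesg->error, "\n"; $ldap->unbind; return 0 }

    # Escape the login so characters such as * ( ) cannot alter the filter.
    my $filter = sprintf '(&(%s=%s)%s)',
        $LdapUidAttr, escape_filter_value($user), $LdapFilter;
    $mesg = $ldap->search(base => $LdapBase, filter => $filter, attrs => ['1.1']);
    if ($mesg->code || $mesg->count != 1) {
        warn "search $filter: ", ($mesg->code ? $mesg->error : $mesg->count . " entries matched"), "\n";
        $ldap->unbind;
        return 0;
    }

    # Re-bind as the entry that was found; success means the password is right.
    my $dn = $mesg->entry(0)->dn;
    $mesg = $ldap->bind($dn, password => $pass);
    $ldap->unbind;
    return $mesg->code ? 0 : 1;
}

# Constructed usage: perl ldapcheck.pl someone@mydomain.com
my $user = shift @ARGV or die "usage: $0 <uid>\n";
print STDERR "Password: ";
chomp(my $pass = <STDIN> // '');
print ldap_check_password($user, $pass) ? "LDAP accepts $user\n" : "LDAP rejects $user\n";
```

If this script reaches the LDAP server while RT still produces no LDAP traffic, the directory side is working and the remaining question is how RT loads the overlay and its settings.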

