[rt-users] external auth WAS: Re: RSS feeds and Passwords
Rob Walker
rob at myinternetplace.net
Tue Sep 21 21:34:24 EDT 2004
On Tuesday 21 September 2004 07:50 am, Tony Bowden wrote:
> On Tue, Sep 21, 2004 at 10:39:09AM -0400, seph wrote:
> > > I didn't realise I could use Apache Auth for RT. That should probably
> > > do the job. I can't find any details on how to configure this. Any
> > > pointers?
> >
> > There are docs and mailing posts all over the place. "external auth"
>
> They may be all over the place, but they're in places I can't find.
>
> Searching the wiki for external auth, for example, gives an unanswered
> question from someone else wanting to know about this!
>
> Searching for ExternalAuth gives a page that references
> 'LookupExternalUserInfo' and 'WebExternalAuth' - both of which point to
> pages that don't exist yet.
I saw the "ask questions here" page in the wiki, and was going to answer this
very question in that page, but then later on I noticed that page said to
quit using it, as it wasn't useful. hrmm...
Here is how I have used this for one install: (On Debian, the package
request-tracker3.2 is what I am using along with the packages apache-perl and
apache-ssl)
In /etc/apache-perl/httpd.conf:
<VirtualHost a.b.c.d>
DocumentRoot /usr/local/rt-3-0-2/share/html/
ServerName rt.domain.com
Redirect / https://rt.domain.com/rt32/
</VirtualHost>
In /etc/apache-ssl/httpd.conf:
<VirtualHost a.b.c.d:443>
SSLEnable
ServerName rt.domain.com
Include "/etc/request-tracker3.2/apache-modperl.conf"
DocumentRoot /usr/share/request-tracker3/html/
<Location />
SetHandler perl-script
PerlHandler RT::Mason
AuthName "RT Authentication"
AuthShadow on
AuthType Basic
require valid-user
</Location>
</VirtualHost>
In /etc/request-tracker3.2/RT_SiteConfig.pm :
Set($WebExternalAuth , 1);
Set($WebExternalAuto , 1);
This allows me to authenticate against the local shadow stuffs. The only
problem is that you cannot "logout" of RT. I end up opening another
(non-konqueror) browser, and logging into the https website as root:rootpass
to be able to admin the RT instance. I could set my main user as a
superuser, but I haven't done that yet.
rob
More information about the rt-users
mailing list