[rt-users] WebNoAuthRegex - what is this?

Duncan Napier napier at napiersys.bc.ca
Thu Feb 2 18:28:36 EST 2006


I am having a problem with deploying RT on a Web-based authentication 
system that appends a ticket string


to every URL that lies below the rt-doc root (ie the one that has the 
.htaccess restriction). I see 

"WebNoAuthRegex - What portion of RT's URLspace should not require
authentication." and wonder if that can fix it. I only need RT users to 
authenticate to my RT home page (index.html). How do you specify the 
non-authenticated URL space?

Here are the details:

I successfully have deployed RT 3.4.5-1 on Fedora Core
kernel-smp-2.6.14-1.1656_FC4 running with Apache 2.0.54/55, MySQL
4.1.16-1, PHP 5.1.2, mod_perl-2.0.2 and it works great.

I set up and tested Apache Basic authentication (ie .htpasswd/password 
file, AuthMySQLEnable off) and setting

Set($WebExternalAuth , '1');
Set($WebFallbackToInternalAuth , 'true');
Set($WebExternalAuto , '1');

in RT_SiteConfig.pm. Again, RT works as expected.

The university campus on which I work deploys Central Authentication
Service (CAS) a web-based, single-sign on authentication/authorization
system originally developed at Yale University:


Users can authenticate and log on correctly (letting users use their 
University computing services account login/password). I can browse RT 
correctly, but whenever I try to make any  changes, I get errors like

RTWeb: Unable to load queue ''
RTWeb: Unable to load user ''

etc ('' is a null string). I believe the URL ticket appending on the URL 
is  messing up transactions on the system. I've compared full logs of 
MySQL with CAS turned on and Basic authentication turned on, and can see 
differences in the way queries are run. For example, the transactions 
run under CAS never do an autocommit. I'm pretty sure it is the 
"?ticket=xxxx" string at the end that is causing the problem. Can anyone 
suggest a fix otherwise?



More information about the rt-users mailing list