[rt-users] problem with LDAP authentication after upgrading
Sebastian Reitenbach
sebastia at l00-bugdead-prods.de
Wed Apr 9 06:37:18 EDT 2008
hi,
I wanted to upgrade rt3 from version 3.6.1 to 3.6.6.
Therefore I installed a fresh version on a new host, following the
installation procedure described in the README file.
I ran configure with the following parameters:
./configure --prefix=/opt/rt3 --with-web-user=wwwrun --with-db-type=Pg
--with-db-dba=postgres
--with-db-database=rt3 --with-db-host=127.0.0.1
--with-apachectl=/usr/sbin/apache2ctl
I copied the old RT_SiteConfig.pm file to the new host, however, when I try
to login, it is not possible, and I see the following in the logs:
[Wed Apr 9 10:08:21 2008] [error]: FAILED LOGIN for sebastia from 10.0.0.9
(/opt/rt3/share/html/autohandler:251)
Stack trace:
HTML::Mason::Commands::__ANON__() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/Component.pm:135
HTML::Mason::Component::run() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/Request.pm:1273
(eval)() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/Request.pm:1268
HTML::Mason::Request::comp() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/Request.pm:467
(eval)() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/Request.pm:467
(eval)() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/Request.pm:419
HTML::Mason::Request::exec() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/ApacheHandler.pm:168
HTML::Mason::Request::ApacheHandler::exec() called
at /usr/lib/perl5/site_perl/5.8.8/HTML/Mason/ApacheHandler.pm:825
HTML::Mason::ApacheHandler::handle_request() called
at /opt/rt3/bin/webmux.pl:125
(eval)() called at /opt/rt3/bin/webmux.pl:125
RT::Mason::handler() called at -e:0
(eval)() called at -e:0
My RT_SiteConfig.pm has the following contents:
Set( $rtname, 'l00-bugdead-prods.de.de');
Set($AuthMethods, ['LDAP', 'Internal']);
Set($LdapExternalAuth, 1);
Set($LdapExternalInfo, 1);
Set($LdapAutoCreateNonLdapUsers, 1);
Set($LdapAttrMap, {'Name' => 'uid',
'EmailAddress' => 'mail',
'Organization' => 'o',
'RealName' => 'cn',
'ExternalContactInfoId' => 'dn',
'ExternalAuthId' => 'uid',
'Gecos' => 'uid',
'WorkPhone' => 'telephoneNumber',
'Address1' => 'ou',
'Address2' => 'physicalDeliveryOfficeName'}
);
Set($LdapRTAttrMatchList, ['Name', 'ExternalContactInfoId',
'EmailAddress', 'RealName',
'WorkPhone', 'Address2']
);
Set($LdapEmailAttrMatchList, ['mail', 'mailRoutingAddress',
'mailAlternateAddress']
);
Set($LdapEmailAttrMatchPrefix, ['', 'smtp:', 'SMTP:'] );
Set($LdapServer, '10.0.0.11');
Set($LdapBase, 'ou=People,dc=l00-bugdead-prods');
Set($LdapFilter, '(objectclass=posixAccount)');
Set($LdapDisableFilter, '(employmentStatus=Terminated)');
Set($LdapTLS, 1);
Set($LdapSSLVersion, 3);
1;
Set($WebPort , 443);# + ($< * 7274) % 32766 + ($< && 1024));
Set($WebBaseURL , "https://tracker.ds9");
Set($WebURL , $WebBaseURL . $WebPath . "/");
Set($CorrespondAddress , 'ithelp at l00-bugdead-prods.de.de');
Set($CommentAddress , 'ithelp at l00-bugdead-prods.de.de');
Set($Organization , "l00-bugdead-prods.de.de");
Set($RTAddressRegexp , '^rt\@l00-bugdead-prods.de.de$');
Set($AutoCreate, {Privileged => 1});
This configuration works well on the host with the rt3 3.6.1 installed, but
not on the host with the new installation. They are both intended to
authenticate against the same ldap server.
I created a new database and loaded the dump from the old version. As far as
I can see, there is no need to upgrade the database schema between these
versions. Also psql -h localhost -U postgres rt3 works well on the command
line.
Do I can enable more debugging output for the LDAP authentication part? Or
does anybody has an idea what I am still missing/might have made wrong?
kind regards
More information about the rt-users
mailing list