[rt-users] RT3.8.1-Custom Login Requires Code Changes?
mike.peachey at jennic.com
Thu Dec 18 14:48:53 EST 2008
Edward Bryan wrote:
> I've been tasked with finding a way to login to our RT system by
> validating our cookies against a local database and then submitting a
> valid user name as a login token to RT. The object is to write a single
> sign on plugin that validates against a secure database for a large
> number of diverse applications.
> RT has facilities to query LDAP and DBI databases with ExternalAuth and
> it also has the ability to read a cookie and validate it against a
> database of users and user IDs with CookieAuth but it doesn't seem to
> have a method for allowing me do to my own user validation and then
> simply submitting a user name as a valid login token. RT retains the
> power of the query for user validation. (Correct?)
> I think in order to do this I will need to do some major Mason-ary work
> and before I propose a project of that size to my customer, I wanted to
> get confirmation that this is the only way to get RT to follow our local
> login model.
TBH CookieAuth is a fantastic example of how to "build your own" and
although it's not *totally* clear what you're looking for I don't think
you'd have to veer far from it.
The whole validation path is quite simple.. you put in an Auth callback
that runs whatever code you want it to when a user first vists and you
can call any other methods you want at the same time, and all you need
to have a logged in user is to put a user in the $session variable.
If you want to do your own changes to validation of an actual password,
you just gotta override isPassword in the USer object using a
User_Vendor.pm or User_Local.pm.
I can advise better if you can clarify a little what your intended
Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
More information about the rt-users