[rt-users] RT::Authen::ExternalAuth question

Kevin Falcone falcone at bestpractical.com
Tue Oct 28 19:14:57 EDT 2008


Please don't send me private mail, use the list.

On Oct 28, 2008, at 6:43 PM, Michael Mollard wrote:

> Thanks for the reply.  It's certainly a steep learning curve getting  
> this all to function.
> I only have root (default) created in the system.  I want to auto- 
> create users then they authenticate to my LDAP directory  
> (eDirectory).  So the user I am testing isn't in the system, I'm  
> trying to trigger the auto-create process.

Thats not one of the LDAP servers I've configured against in the past.
Its worth checking to see if you have anything in your Users table and  
if
you have anything in your logs about the autocreation succeeding.

There is some new debugging in the svn version of RT-Authen-ExternalAuth
to try and catch errors.  I haven't had a chance to roll a .06_03  
testing release, so
if you want to test it you'll have to look at the svn repo
http://code.bestpractical.com/bps-public/RT-Authen-ExternalAuth/trunk/

> FYI, if I 'ln -s' or 'cp' the User_Vendor.pm file to the location as  
> per below, the error does go away, but the ldap autocreate still  
> doesn't work.

This points to you having a fundamental problem if it won't load from  
the plugin directory
despite @INC being correct.
Filesystem permissions would be a good things to check.

-kevin

>>>> Kevin Falcone <falcone at bestpractical.com> 29/10/2008 4:11 am >>>
>
> On Oct 28, 2008, at 5:28 AM, Terence Monteiro wrote:
>
>> Hi Michael,
>>
>> Michael Mollard wrote:
>>> I'm running 3.8.1 on a clean SLES10SP2.  I've installed 3.8.1 and
>>> it's root/password account works fine.
>>> I then downloaded and installed v.06_2 of RT-Authen-ExternalAuth
>>> (to try and get ldap auth working).
>>> Before I even try and test my Ldap authenticate/autocreate, I try
>>> logging in as root/password.
>>>
>>> In my browser I get this error.
>>>
>>> RT::User::UpdateFromExternal Unimplemented in
>>> HTML::Mason::Commands. (/srv/www/vhosts/rt.mbc.qld.edu.au/local/
>>> plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/
>>> autohandler/Auth line 73)
>>
>> I installed RT from the debian package, which installs everything in
>> standard directories. When I installed the authentication module, it
>> worked
>> without a problem after I configured RT_SiteConfig.pm correctly. I
>> was able
>> to few errors I made in configuration by looking at the RT log.
>>
>>>
>>> Mike Peachey suggested this:
>>> This generally means that the User_Vendor.pm has not been found in
>>> the
>>> right place to make its methods available. UpdateFromExternal is an
>>> RT::User method, RT looks in User.pm and doesn't find it, ande then
>>> checks for its existence in User_Local.pm and User_Vendor.pm.
>>> Obviously
>>> it's just not finding or is unable to read User_Vendor.pm.
>>>
>>> My <RT_HOME> is
>>> 	/srv/www/vhosts/rt.mbc.qld.edu.au/
>>> The ExternalAuth plugin was installed in:
>>> 	<RT_HOME>/local/plugins/RT-Authen-ExternalAuth/
>>> and the only User_Vendor.pm in the whole structure is:
>>> 	<RT_HOME>/local/plugins/RT-Authen-ExternalAuth/lib/RT
>>> User.pm lives in:
>>> 	<RT_HOME>/lib/RT/User.pm
>>> 	and
>>> 	<RT_HOME>/lib/RT/Shredder/User.pm
>>> The v.06_2 ExternalAuth 'make install ' asked me for the location
>>> of RT.pm, and I typed:
>>> 	<RT_HOME>/lib
>>
>> Have you installed RT by downloading the source? I suspect that the
>> RT::Authen::ExternalAuth has not installed the User_Vendor.pm file
>> in the
>> correct directory. If you've installed RT from source, I think the
>> file is
>> meant to be installed in <RT_HOME>/local/lib/RT. Make sure it is
>> installed
>> there.
>
> No, it shouldn't be installed in local/lib/RT anymore.
> Starting with 3.8 we've been trying to segregate the various parts of
> plugins by installing them in local/plugins/PLUGIN-NAME/
>
> RT-Authen-ExternalAuth 0.05 shipped with a buggy installer
> that put the lib files in two places rather than just in local/plugins
>
> Since the SIteConfig correctly specified RT::Authen::ExternalAuth
> and the sysconfig shows that it made its way into @INC that should
> be fine.
>
> Michael: Is this a user that exists in RT already or that you're
> expecting
> to be autocreated at login time?
>
> -kevin
>
>> I checked your RT_SiteConfig.pm. Since you have included
>> configuration for
>> LDAP authentication in your RT_SiteConfig.pm, RT is looking to
>> authenticate
>> with the parameters you have specified there. Make sure you have set
>> your
>> bind dn as your user in the config. Correct other errors in your
>> configuration and restart your server and RT should authenticate
>> users with
>> their LDAP credentials.
>>
>>>
>>> Have you ever seen this error? I am at a loss where to start
>>> looking, there doesn't seem to be much in the log files.  I've
>>> attached my RT_SiteConfig.pm and my system configuration from
>>> within RT.
>>>
>>> Any suggestions would be gratefully accepted.
>>>
>>> Much thanks.
>>>
>>>
>>>
>>> Michael Mollard
>>> Network Administrator
>>> Moreton Bay College
>>> mollardm at mbc.qld.edu.au
>>> http://www.mbc.qld.edu.au
>>> Ph: (Direct) 07 3907 5712 / (Mob) 0417 631 801
>>> Fax: 07 3390 8919 ( http://www.mbc.qld.edu.au )
>>>
>>>
>>> --------------------------------------------------------------------------------
>>> Disclaimer: Whilst every attempt has been made to ensure that
>>> material contained in this email is free from computer viruses or
>>> other defects, the attached files are provided, and may only be
>>> used, on the basis that the user assumes all responsibility for use
>>> of the material transmitted. This email is intended only for the
>>> use of the individual or entity names above and may contain
>>> information that is confidential and privileged. If you are not the
>>> intended recipient, please note that any dissemination,
>>> distribution or copying of this email is strictly prohibited. If
>>> you have received this email in error, please notify us immediately
>>> by return email or telephone 07 3390 8555 and destroy the original
>>> message. The contents of this message are provided without
>>> responsibility in law for their accuracy or otherwise, and without
>>> assumption of a duty of care by the School.
>>> --------------------------------------------------------------------------------
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>>
>>> Community help: http://wiki.bestpractical.com
>>> Commercial support: sales at bestpractical.com
>>>
>>>
>>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>>> Buy a copy at http://rtbook.bestpractical.com
>>
>>
>> -- 
>> Thanks and Regards,
>> Terence Monteiro.
>>
>> DeepRoot Linux,
>> http://www.deeproot.in
>> Ph: +91 (80) 4112 4781 / 84 / 85
>> Getting GNU/Linux to work for you. Faster. Better. Today. Every way
>>
>> _______________________________________________
>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>
>> Community help: http://wiki.bestpractical.com
>> Commercial support: sales at bestpractical.com
>>
>>
>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>> Buy a copy at http://rtbook.bestpractical.com
>>
>
> _______________________________________________
> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>
> Community help: http://wiki.bestpractical.com
> Commercial support: sales at bestpractical.com
>
>
> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
> Buy a copy at http://rtbook.bestpractical.com
>
> --------------------------------------------------------------------------------
> Disclaimer: Whilst every attempt has been made to ensure that  
> material contained in this email is free from computer viruses or  
> other defects, the attached files are provided, and may only be  
> used, on the basis that the user assumes all responsibility for use  
> of the material transmitted. This email is intended only for the use  
> of the individual or entity names above and may contain information  
> that is confidential and privileged. If you are not the intended  
> recipient, please note that any dissemination, distribution or  
> copying of this email is strictly prohibited. If you have received  
> this email in error, please notify us immediately by return email or  
> telephone 07 3390 8555 and destroy the original message. The  
> contents of this message are provided without responsibility in law  
> for their accuracy or otherwise, and without assumption of a duty of  
> care by the School.
> --------------------------------------------------------------------------------
>




More information about the rt-users mailing list