[rt-users] RT::Authen::ExternalAuth using OpenLDAP on nginx

Tobias lott tobias at lott.eu.org
Sun Aug 23 17:31:49 EDT 2009


Good Day to everyone

Ive been using RT for quite some time now, I've been trying to get
everything to work with nginx like Nagios, RT, whatnot... 

The Problem I'm facing now is that the mason_handler.fcgi is Timing out
on nginx (weather I use 1 Process or more) whenever a LDAP user is
trying to login. User root can login without a problem (before the
mason_handler is going 100%).

USER       PID %CPU %MEM   VSZ   RSS  TT  STAT STARTED      TIME COMMAND
rt       42755 100.0  4.4 50308 45744   2  R+J   9:18PM   7:38.97
perl /usr/local/bin/mason_handler.fcgi (perl5.10.0)

This is basically a fresh Installation for now, no imports been done so
far.

Versions im using:

FreeBSD 8.0 Beta1
nginx-0.8.9
perl-5.10.0
RT-3.8.4
RT::Authen::ExternalAuth-0.08
OpenLDAP 

Currently using RT_SiteConfig:
Set(@Plugins,qw(RT::Authen::ExternalAuth));

Set($WebBaseURL , "https://tracker.local");
Set($WebPort, 443);
Set($LogDir, '/var/log');
Set($LogToFile , 'debug');
Set($LogToScreen , 'debug');
Set($UseFriendlyFromLine , 0);
Set($DatabaseType , 'Pg');
Set($DatabaseHost   , 'dbhost');
Set($DatabaseName , 'rt3');
Set($DatabaseRequireSSL , 1);
Set($UseSQLForACLChecks, 1);
Set($LoopsToRTOwner , 1);
Set($CanonicalizeRedirectURLs, 1);
Set($AutoCreate, 0);

Set($ExternalAuthPriority, ['My_LDAP']);
Set($ExternalInfoPriority, ['My_LDAP']);
Set($ExternalServiceUsesSSLorTLS, 1);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, {
        'My_LDAP'       =>  {
                             'type' => 'ldap',
                             'server' => 'ldaphost',
                             'base' => 'dc=example,dc=com',
                             'filter' => '(objectClass=*)',
                             'd_filter' => '(objectClass=NONEEXISTANT)',
                             'tls' => 1,
                             'ssl_version' => 3,
                             'net_ldap_args' => [version => 3 ],
                             'attr_match_list' => ['Name' ],'attr_map'
                             => {'Name' => 'cn'}}}
);

The only Debug I get is the following (PGP hasn't been configured
obviously):

[Sun Aug 23 20:53:24 2009] [debug]: RT's GnuPG libraries couldn't
successfully read your configured GnuPG home directory
(/var/run/rt38/data/gpg). PGP support has been disabled
(/usr/local/lib/perl5/site_perl/5.10.0/RT/Config.pm:380) [Sun Aug 23
20:53:43 2009] [debug]: Reloading RT::User to work around a bug in
RT-3.8.0 and RT-3.8.1
(/usr/local/share/rt38/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:14)

Would be nice if someone could give me any Hints on this.

Cheers
-- 
Tobias Lott



More information about the rt-users mailing list