[rt-users] RT::Authen::ExternalAuth using OpenLDAP on nginx

Tobias lott tobias at lott.eu.org
Sat Aug 29 19:04:06 EDT 2009



On Sun, 23 Aug 2009 23:31:49 +0200
Tobias lott <tobias at lott.eu.org> wrote:

> Good Day to everyone
> 
> Ive been using RT for quite some time now, I've been trying to get
> everything to work with nginx like Nagios, RT, whatnot... 
> 
> The Problem I'm facing now is that the mason_handler.fcgi is Timing
> out on nginx (weather I use 1 Process or more) whenever a LDAP user is
> trying to login. User root can login without a problem (before the
> mason_handler is going 100%).
> 
> USER       PID %CPU %MEM   VSZ   RSS  TT  STAT STARTED      TIME
> COMMAND rt       42755 100.0  4.4 50308 45744   2  R+J   9:18PM
> 7:38.97 perl /usr/local/bin/mason_handler.fcgi (perl5.10.0)
> 
> This is basically a fresh Installation for now, no imports been done
> so far.
> 
> Versions im using:
> 
> FreeBSD 8.0 Beta1
> nginx-0.8.9
> perl-5.10.0
> RT-3.8.4
> RT::Authen::ExternalAuth-0.08
> OpenLDAP 
> 
> Currently using RT_SiteConfig:
> Set(@Plugins,qw(RT::Authen::ExternalAuth));
> 
> Set($WebBaseURL , "https://tracker.local");
> Set($WebPort, 443);
> Set($LogDir, '/var/log');
> Set($LogToFile , 'debug');
> Set($LogToScreen , 'debug');
> Set($UseFriendlyFromLine , 0);
> Set($DatabaseType , 'Pg');
> Set($DatabaseHost   , 'dbhost');
> Set($DatabaseName , 'rt3');
> Set($DatabaseRequireSSL , 1);
> Set($UseSQLForACLChecks, 1);
> Set($LoopsToRTOwner , 1);
> Set($CanonicalizeRedirectURLs, 1);
> Set($AutoCreate, 0);
> 
> Set($ExternalAuthPriority, ['My_LDAP']);
> Set($ExternalInfoPriority, ['My_LDAP']);
> Set($ExternalServiceUsesSSLorTLS, 1);
> Set($AutoCreateNonExternalUsers, 0);
> Set($ExternalSettings, {
>         'My_LDAP'       =>  {
>                              'type' => 'ldap',
>                              'server' => 'ldaphost',
>                              'base' => 'dc=example,dc=com',
>                              'filter' => '(objectClass=*)',
>                              'd_filter' =>
> '(objectClass=NONEEXISTANT)', 'tls' => 1,
>                              'ssl_version' => 3,
>                              'net_ldap_args' => [version => 3 ],
>                              'attr_match_list' => ['Name' ],'attr_map'
>                              => {'Name' => 'cn'}}}
> );
> 
> The only Debug I get is the following (PGP hasn't been configured
> obviously):
> 
> [Sun Aug 23 20:53:24 2009] [debug]: RT's GnuPG libraries couldn't
> successfully read your configured GnuPG home directory
> (/var/run/rt38/data/gpg). PGP support has been disabled
> (/usr/local/lib/perl5/site_perl/5.10.0/RT/Config.pm:380) [Sun Aug 23
> 20:53:43 2009] [debug]: Reloading RT::User to work around a bug in
> RT-3.8.0 and RT-3.8.1
> (/usr/local/share/rt38/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:14)
> 
> Would be nice if someone could give me any Hints on this.
> 
> Cheers

I've tried github Stable (last commit
58efef36fa6655d44209e05a75d9bd93ff84e7da) now, but its still same
Behaviour, but got some more debug now:
http://pastebin.com/m6ba6a55e

Cheers

-- 
Tobias Lott



More information about the rt-users mailing list