[rt-users] Auto Login Link in autoreply with password
Marouane HIMDI
marouane.himdi at kereval.com
Mon Aug 30 08:49:10 EDT 2010
Torsten talks about this tool ttp://www.openwall.com/john/
Le 30/08/2010 14:19, Codatel Lists a écrit :
> what do you mean by parse it through john?
>
> On 30/08/2010, at 10:12 PM, Torsten Brumm wrote:
>
>> Damn, you are right, for users with a password this will not work.
>>
>> Hmmm, possibly other guys have better ideas....parse it through john
>> and then you have it plain text :-(
>>
>> 2010/8/30 Codatel Lists <lists at codatel.com.au
>> <mailto:lists at codatel.com.au>>
>>
>> This is what the RT replied back to me in the email
>>
>>> http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=
>>> <http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=>
>>
>> there was no password
>>
>>
>> FYI the Auto generation script has no effect here as the
>> requestor is an existing email address
>>
>> so the
>>
>>>> {$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$pass}
>>>
>>
>> line is outside the password auto genrating script.
>>
>> I believe the $pass parameter has something to do with the script
>> but it is not being understood as the line I used is not within
>> that part of the script.
>>
>>
>>
>>
>>
>> On 30/08/2010, at 7:48 PM, Torsten Brumm wrote:
>>
>>> OK, the mail sent out, does it have the password posted?
>>>
>>> Is this the correct link you created?
>>> http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=
>>> <http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=>
>>>
>>> Or like this?
>>> http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=
>>> <http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=>$pass
>>>
>>> ??
>>> 2010/8/30 Codatel Lists <lists at codatel.com.au
>>> <mailto:lists at codatel.com.au>>
>>>
>>> I have tried that and I get the following result.
>>>
>>> The password is blank
>>>
>>> http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=
>>> <http://rt.mydomain.com/ticket/SelfService/Display.html?id=139&user=requestor@email.com&pass=>
>>>
>>> On 30/08/2010, at 7:38 PM, Torsten Brumm wrote:
>>>
>>>> Hi,
>>>> looks like we didn't talked about the same...
>>>>
>>>> You like to do this:
>>>>
>>>> {$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}
>>>>
>>>> No idea what is stored
>>>> here: $Transaction->CreatorObj->__Value('Password' but from
>>>> the output you sent, it looks like the md5 of the password:
>>>>
>>>> You should try this:
>>>>
>>>> {$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$pass}
>>>>
>>>> inside $pass you sent out the plain text password and i
>>>> think, the login method with the link will also have the
>>>> plaintext pass.
>>>>
>>>> Torsten
>>>> 2010/8/29 Codatel Lists <lists at codatel.com.au
>>>> <mailto:lists at codatel.com.au>>
>>>>
>>>> I am trying to setup my autoreply so that it has a
>>>> direct link for the requestor to click and he can be
>>>> logged straight into the RT.
>>>> I am new to the eco system and have been playing around
>>>> with it over the past few days.
>>>> Ive hit a roadblock and am hoping someone can help me out.
>>>>
>>>> I have inserted the following into the autoreply template
>>>>
>>>> {$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}
>>>>
>>>>
>>>> It almost works perfectly except for the fact that the
>>>> password actually goes out encrypted and is pretty useless.
>>>>
>>>> this is the link that the requestor gets back
>>>>
>>>>
>>>> http://rt.mydomain.com.au/ticket/SelfService/Display.html?id=138&user=requestor@email.com&pass=091128365216c001205810ed3po175fb
>>>> <http://rt.mydoman.com/ticket/SelfService/Display.html?id=138&user=requestor@email.com&pass=091128365216c001205810ed3po175fb>
>>>>
>>>>
>>>>
>>>> Below is my entire template.
>>>>
>>>>
>>>> Can someone please let me know how I am able to send a
>>>> clickable link with every autoreply that will take the
>>>> requestor straight to the ticket on the web.
>>>>
>>>> Subject: AutoReply: {$Ticket->Subject}
>>>>
>>>>
>>>> Greetings,
>>>>
>>>> This message has been automatically generated in
>>>> response to the
>>>> creation of a helpdesk call:
>>>>
>>>> "{$Ticket->Subject()}",
>>>>
>>>> a summary of which appears below.
>>>>
>>>> There is no need to reply to this message right now.
>>>> Your ticket has been
>>>> assigned an ID of [{$rtname} #{$Ticket->id()}]. Please
>>>> include this string
>>>> in the subject line of all future correspondence about
>>>> this issue.
>>>>
>>>> {
>>>> *RT::User::GenerateRandomNextChar =
>>>> \&RT::User::_GenerateRandomNextChar;
>>>>
>>>>
>>>> if (($Transaction->CreatorObj->id != $RT::Nobody->id) &&
>>>> (!$Transaction->CreatorObj->Privileged) &&
>>>> ($Transaction->CreatorObj->__Value('Password') eq
>>>> '*NO-PASSWORD*')
>>>> ) {
>>>>
>>>>
>>>>
>>>> my $user = RT::User->new($RT::SystemUser);
>>>> $user->Load($Transaction->CreatorObj->Id);
>>>> my ($stat, $pass) = $user->SetRandomPassword();
>>>>
>>>>
>>>>
>>>> if (!$stat) {
>>>> $OUT .=
>>>>
>>>> "An internal error has occurred. RT was not able to set
>>>> a password for you.
>>>> Please contact your local RT administrator for
>>>> assistance.";
>>>>
>>>>
>>>> }
>>>>
>>>>
>>>> $OUT .= "
>>>> You can check the current status and history of your
>>>> requests at:
>>>>
>>>>
>>>> ".$RT::WebURL."
>>>>
>>>>
>>>> When prompted, enter the following username and password:
>>>>
>>>>
>>>> Username: ".$user->Name."
>>>> Password: ".$pass."
>>>>
>>>> ";
>>>> }
>>>> }
>>>> {$RT::WebURL}SelfService/Display.html?id={$Ticket->id()}&user={$Transaction->CreatorObj->Name}&pass={$Transaction->CreatorObj->__Value('Password')}
>>>>
>>>> Thank you.
>>>>
>>>> {$Ticket->QueueObj->CorrespondAddress()}
>>>>
>>>>
>>>> -------------------------------------------------------------------------
>>>> {$Transaction->Content()}
>>>>
>>>>
>>>> RT Training in Washington DC, USA on Oct 25 & 26 2010
>>>> Last one this year -- Learn how to get the most out of RT!
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> MFG
>>>>
>>>> Torsten Brumm
>>>>
>>>> http://www.brumm.me <http://www.brumm.me/>
>>>> http://www.elektrofeld.de <http://www.elektrofeld.de/>
>>>
>>>
>>>
>>>
>>> --
>>> MFG
>>>
>>> Torsten Brumm
>>>
>>> http://www.brumm.me <http://www.brumm.me/>
>>> http://www.elektrofeld.de <http://www.elektrofeld.de/>
>>
>>
>>
>>
>> --
>> MFG
>>
>> Torsten Brumm
>>
>> http://www.brumm.me <http://www.brumm.me/>
>> http://www.elektrofeld.de <http://www.elektrofeld.de/>
>
>
>
> RT Training in Washington DC, USA on Oct 25& 26 2010
> Last one this year -- Learn how to get the most out of RT!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100830/ca702b89/attachment.htm>
More information about the rt-users
mailing list