[rt-users] RT-Extension-SaltedPasswords Not Playing Nice with LDAP

Nick Couchman Nick.Couchman at seakr.com
Fri Jan 21 15:39:41 EST 2011


> Correct ldap password or correct local password?
> RT-Authen-ExternalAuth 0.05 messes with IsPassword, and you'd likely
> have to merge the IsPassword from SaltedPasswords with
> IsInternalPassword to make it go.
> 
> RT-Authen-ExternalAuth 0.08 (the version compatible with 3.8) uses a
> different technique that doesn't clobber IsPassword
> 
> -kevin

Correct LDAP password.

I was able to get it working - here's how, in case anyone else is
interested.

- For RT using the really old LDAP method, I changed the name of the
IsPassword function in the Salted extension to "IsSaltedPassword" as
well as the override for IsPassword, and then in my RT_SiteConfig.pm
file, I used the following:

Set($AuthMethods, ['LDAP', 'Salted']);

So, authentication calls IsLDAPPassword() and then IsSaltedPassword(),
and ignores the old IsInternalPassword() function.

- For RT using the RT-Authen-ExternalAuth extension, I made the same
change of the function name to IsSaltedPassword in the salt extension,
and then in the local/lib/RT/User_Vendor.pm file, I changed the call for
IsInternalPassword($value) to IsSaltedPassword($value).

-Nick



--------
This e-mail may contain confidential and privileged material for the sole use of the intended recipient.  If this email is not intended for you, or you are not responsible for the delivery of this message to the intended recipient, please note that this message may contain SEAKR Engineering (SEAKR) Privileged/Proprietary Information.  In such a case, you are strictly prohibited from downloading, photocopying, distributing or otherwise using this message, its contents or attachments in any way.  If you have received this message in error, please notify us immediately by replying to this e-mail and delete the message from your mailbox.  Information contained in this message that does not relate to the business of SEAKR is neither endorsed by nor attributable to SEAKR.



More information about the rt-users mailing list