[rt-users] RT - Oracle db authentication as secondary methode
Asanka Gunasekera
asanka_gunasekera at yahoo.co.uk
Wed May 25 00:04:53 EDT 2011
Hi all, I am trying o configure RT-Authen-ExternalAuth, as per the documentation
with this I can see you can have more than one mode of authentication (LDAP, DB
etc).
Now my LDAP (AD) integration is fine, but what my issue now is to get RT to
authenticate against Oracle DB as its secondary authentication method, and I am
lost with this.
Following are my system details
OS – Redhat 5.4 (64bit)
Oracle – 10g2 (64bit)
RT - 3.8.8
Perl - v5.12.2)
Modules which are loaded:
DBD::Oracle
DBI
I have done the following configuration
Set($ExternalAuthPriority, [ 'My_LDAP', 'My_Oracle' ]);
Set($ExternalInfoPriority, [ 'My_LDAP', 'My_Oracle' ]);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 0);
Set($ExternalSettings, { # AN EXAMPLE DB SERVICE
'My_Oracle' => { ## GENERIC SECTION
# The type of service
(db/ldap/cookie)
'type' => 'db',
# The server hosting the
service
'server' => localhost,
## SERVICE-SPECIFIC
SECTION
# The database name
'database' => 'RT',
# The database table
'table' => 'USERS',
# The user to connect to
the database as
'user' => 'rtdb1',
# The password to use to
connect with
'pass' => 'rtdb1secret',
# The port to use to
connect with (e.g. 3306)
'port' => '1521',
# The name of the Perl
DBI driver to use (e.g. mysql)
'dbi_driver' => 'Oracle',
# The field in the table
that holds usernames
'u_field' => 'NAME',
# The field in the table
that holds passwords
'p_field' => 'PASSWORD',
# The Perl package &
subroutine used to encrypt passwords
# e.g. if the passwords
are stored using the MySQL v3.23 "PASSWORD"
# function, then you
will need Crypt::MySQL::password, but for the
# MySQL4+ password
function you will need Crypt::MySQL::password41
# Alternatively, you
could use Digest::MD5::md5_hex or any other
# encryption subroutine
you can load in your perl installation
'p_enc_pkg' => 'Crypt::MySQL',
'p_enc_sub' => 'password',
# If your p_enc_sub
takes a salt as a second parameter,
# uncomment this line to
add your salt
#'p_salt' => 'SALT',
#
# The field and values
in the table that determines if a user should
# be disabled. For
example, if the field is 'user_status' and the values
# are
['0','1','2','disabled'] then the user will be disabled if their
# user_status is set to
'0','1','2' or the string 'disabled'.
# Otherwise, they will
be considered enabled.
'd_field' => 'disabled',
'd_values' => ['0'],
## RT ATTRIBUTE MATCHING
SECTION
# The list of RT
attributes that uniquely identify a user
'attr_match_list' => [ 'GECOS',
'NAME'
],
# The mapping of RT
attributes on to field names
'attr_map' => { 'Name' => 'NAME',
'EmailAddress' => 'EMAILADDRESS',
'ExternalAuthId' => 'NAME',
'Gecos'
=> 'GECOS'
}
},
# AN EXAMPLE LDAP SERVICE
'My_LDAP' => { ## GENERIC SECTION
# The type of service
(db/ldap/cookie)
'type' => 'ldap',
……………………………………………….
With the above configuration, when I try to login to RT the IE displays
following message.
DBI connect('database=RT;host=myhost.exampal.com;port=1521','rtdb1',...) failed:
Can't connect using this syntax without specifying a HOST and one of SID
INSTANCE_NAME SERVER SERVICE_NAME at
/usr/local/rt-3.8.8-ora/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/DBI.pm
line 440
Thanks and Best Reagards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110525/3c9613f7/attachment.htm>
More information about the rt-users
mailing list