[rt-users] RT - Oracle db authentication as secondary methode

Asanka Gunasekera asanka_gunasekera at yahoo.co.uk
Wed May 25 00:04:53 EDT 2011


Hi all, I am trying o configure RT-Authen-ExternalAuth, as per the documentation 
with this I can see you can have more than one mode of authentication (LDAP, DB 
etc).
Now my LDAP (AD) integration is fine, but what my issue now is to get RT to 
authenticate against Oracle DB as its secondary authentication method, and I am 
lost with this. 

Following are my system details
OS – Redhat 5.4 (64bit)
Oracle – 10g2 (64bit)
RT - 3.8.8
Perl - v5.12.2)
Modules which are loaded:
DBD::Oracle
DBI
 
I have done the following configuration 
Set($ExternalAuthPriority,  [   'My_LDAP',  'My_Oracle'   ]);
Set($ExternalInfoPriority,  [ 'My_LDAP', 'My_Oracle' ]);
Set($ExternalServiceUsesSSLorTLS,    0);
Set($AutoCreateNonExternalUsers,    0);
 
Set($ExternalSettings,      {   # AN EXAMPLE DB SERVICE
                                'My_Oracle'   =>  {      ## GENERIC SECTION
                                                        # The type of service 
(db/ldap/cookie)
                                                        
'type'                      =>  'db',
                                                        # The server hosting the 
service
                                                        
'server'                    =>  localhost,
                                                        ## SERVICE-SPECIFIC 
SECTION
                                                        # The database name
                                            
            'database'                  =>  'RT',
                                                        # The database table
                                                        
'table'                     =>  'USERS',
                                                        # The user to connect to 
the database as
                                                        
'user'                      =>  'rtdb1',
                                                        # The password to use to 
connect with
                                                        
'pass'                      =>  'rtdb1secret',
                                                        # The port to use to 
connect with (e.g. 3306)
                                                   
     'port'                      =>  '1521',
                                                        # The name of the Perl 
DBI driver to use (e.g. mysql)
                                                        
'dbi_driver'                =>  'Oracle',
                                                        # The field in the table 
that holds usernames
                                                        
'u_field'                   =>  'NAME',
                                                        # The field in the table 
that holds passwords
                                                        
'p_field'                   =>  'PASSWORD',
                                                        # The Perl package & 
subroutine used to encrypt passwords
                                                        # e.g. if the passwords 
are stored using the MySQL v3.23 "PASSWORD"
                                                        # function, then you 
will need Crypt::MySQL::password, but for the
                                                        # MySQL4+ password 
function you will need Crypt::MySQL::password41
                                                        # Alternatively, you 
could use Digest::MD5::md5_hex or any other
                                                        # encryption subroutine 
you can load in your perl installation
                                                        
'p_enc_pkg'                 =>  'Crypt::MySQL',
                                                        
'p_enc_sub'                 =>  'password',
                                                        # If your p_enc_sub 
takes a salt as a second parameter,
                                                        # uncomment this line to 
add your salt
                                                        
#'p_salt'                    =>  'SALT',
                                                        #
                                                        # The field and values 
in the table that determines if a user should
                                                        # be disabled. For 
example, if the field is 'user_status' and the values
                                                        # are 
['0','1','2','disabled'] then the user will be disabled if their
                                                        # user_status is set to 
'0','1','2' or the string 'disabled'.
                                                        # Otherwise, they will 
be considered enabled.
                                                        
'd_field'                   =>  'disabled',
                                                        
'd_values'                  =>  ['0'],
                                                        ## RT ATTRIBUTE MATCHING 
SECTION
                                                        # The list of RT 
attributes that uniquely identify a user
                                                        
'attr_match_list'           =>  [   'GECOS',
                                                                                           
 'NAME'
                                                                                       
 ],
                                                        # The mapping of RT 
attributes on to field names
                                                        
'attr_map'                  =>  {   'Name' => 'NAME',
                                                                                           
 'EmailAddress' => 'EMAILADDRESS',
                                                                                           
 'ExternalAuthId' => 'NAME',
          
                                                                                  'Gecos'
 => 'GECOS'
                                                                                       
 }
                                                    },
                                # AN EXAMPLE LDAP SERVICE
                                'My_LDAP'       =>  {   ## GENERIC SECTION
                                                        # The type of service 
(db/ldap/cookie)
                                                        
'type'                      =>  'ldap',
 
                                                           ……………………………………………….
 
With the above configuration, when I try to login to RT the IE displays 
following message.
DBI connect('database=RT;host=myhost.exampal.com;port=1521','rtdb1',...) failed: 
Can't connect using this syntax without specifying a HOST and one of SID 
INSTANCE_NAME SERVER SERVICE_NAME at 
/usr/local/rt-3.8.8-ora/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/DBI.pm
 line 440

Thanks and Best Reagards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20110525/3c9613f7/attachment.htm>


More information about the rt-users mailing list