[rt-users] ExternalAuth for only Auth

Ryan Backman rbackman at georgefox.edu
Thu Feb 16 11:53:09 EST 2012


Is there a way to tell ExternalAuth to only Authenticate and forget about
trying to CanonicalizeUserInfo?

I create tickets through an external REST API and create the user at the
same time as the ticket.  We have users that are in AD and do not have an
email address, I pull their address from a database.

Here is the relevant snippet from the log file:

[Thu Feb 16 00:57:18 2012] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
RT::Authen::ExternalAuth
/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
668 with: Disabled: , EmailAddress: user at hotmail.com, Name: jdoe,
Privileged: , RealName: John Doe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
[Thu Feb 16 00:57:18 2012] [warning]: Use of uninitialized value $_[1] in
join or string at /usr/share/perl5/Log/Dispatch.pm line 21.
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Thu Feb 16 00:57:18 2012] [debug]: Attempting to get user info using this
external service:
 (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Thu Feb 16 00:57:18 2012] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: ,
EmailAddress: jdoe at hotmail.com, Name: jdoe, Privileged: , RealName: John
Doe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
[Thu Feb 16 00:57:19 2012] [debug]: Got a resolved(inactive) ticket with
undefined resolved date. Setting to now.
(/usr/share/request-tracker3.8/lib/RT/Ticket_Overlay.pm:361)
[Thu Feb 16 00:57:19 2012] [error]: Unable to parse an email address from
jdoe: Couldn't find row (/usr/share/request-tracker3.8/lib/RT/EmailParser.p


###################################
# ExternalAuth Configuration
###################################

Set ( $ExternalAuthPriority,  [ 'GFU_LDAP' ] );

#Set ( $ExternalInfoPriority,  [ 'GFU_LDAP' ] );

Set($ExternalServiceUsesSSLorTLS,    0);

Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {
'GFU_LDAP' => {
'type'                      =>  'ldap',
'server'                    =>  'server.georgefox.edu',
'user'                      =>  'CN=User,OU=Group,DC=Base,DC=Base,DC=edu',
'pass'                      =>  'Password',
'base'                      =>  'DC=Group,DC=Base,DC=edu',
'filter'                    =>  '(objectClass=user)',
'd_filter'                  =>  '(objectClass=Doesntexist)',
'tls'                       =>  0,
'ssl_version'               =>  3,
'net_ldap_args'             => [    version =>  3, port => 636   ],
'group'                     =>  'CN=User,OU=Group,DC=Base,DC=Base,DC=edu',
'group_attr'                =>  'member',
'attr_match_list'           => ['Name',],
'attr_map'                  =>  {'Name' => 'sAMAccountName',
                                 'EmailAddress' => 'mail',
                                 'ExternalAuthId' => 'sAMAccountName',
                                 'Gecos' => 'sAMAccountName',
                                }
}
}
);

Before I commended out ExternalInfoPriority, this is what was in the log
file:

[Wed Feb 15 23:28:49 2012] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
RT::Authen::ExternalAuth
/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
668 with: Comments: Autocreated when added as a watcher, Disabled: ,
EmailAddress: , Name: , Privileged: , RealName: jdoe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
[Wed Feb 15 23:28:49 2012] [debug]: Attempting to get user info using this
external service: GFU_LDAP
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Wed Feb 15 23:28:49 2012] [debug]: Attempting to use this canonicalization
key: Name
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:587)
[Wed Feb 15 23:28:49 2012] [debug]: This attribute ( Name ) is null or
incorrectly defined in the attr_map for this service ( GFU_LDAP )
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:589)
[Wed Feb 15 23:28:49 2012] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments:
Autocreated when added as a watcher, Disabled: , EmailAddress: , Name: ,
Privileged: , RealName: jdoe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
[Wed Feb 15 23:28:54 2012] [crit]: Failed to create user : Could not set
user info (/usr/share/request-tracker3.8/lib/RT/User_Overlay.pm:513)

=+=+=+=+=+=+=+=+=+
Ryan Backman
Programmer / Analyst
George Fox University
503.554.2576
=+=+=+=+=+=+=+=+=+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120216/806e717e/attachment.htm>


More information about the rt-users mailing list