[rt-users] ExternalAuth for only Auth

Kevin Falcone falcone at bestpractical.com
Thu Feb 16 12:13:11 EST 2012 

On Thu, Feb 16, 2012 at 08:53:09AM -0800, Ryan Backman wrote:
> Is there a way to tell ExternalAuth to only Authenticate and forget about
> trying to CanonicalizeUserInfo?

Yes - but rather than doing this:

#Set ( $ExternalInfoPriority,  [ 'GFU_LDAP' ] );

try this
 
Set ( $ExternalInfoPriority,  [ ] );

You also didn't give your RT or RT-Authen-ExternalAuth versions and
your line numbers are odd enough that I can tell you're using an older
version and I hesitate to suggest more without knowing exactly what's
going on.

-kevin

> I create tickets through an external REST API and create the user at the
> same time as the ticket.  We have users that are in AD and do not have an
> email address, I pull their address from a database.
> 
> Here is the relevant snippet from the log file:
> 
> [Thu Feb 16 00:57:18 2012] [debug]:
> RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
> RT::Authen::ExternalAuth
> /usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
> 668 with: Disabled: , EmailAddress: user at hotmail.com, Name: jdoe,
> Privileged: , RealName: John Doe
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
> [Thu Feb 16 00:57:18 2012] [warning]: Use of uninitialized value $_[1] in
> join or string at /usr/share/perl5/Log/Dispatch.pm line 21.
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
> [Thu Feb 16 00:57:18 2012] [debug]: Attempting to get user info using this
> external service:
>  (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
> [Thu Feb 16 00:57:18 2012] [info]:
> RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: ,
> EmailAddress: jdoe at hotmail.com, Name: jdoe, Privileged: , RealName: John
> Doe
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
> [Thu Feb 16 00:57:19 2012] [debug]: Got a resolved(inactive) ticket with
> undefined resolved date. Setting to now.
> (/usr/share/request-tracker3.8/lib/RT/Ticket_Overlay.pm:361)
> [Thu Feb 16 00:57:19 2012] [error]: Unable to parse an email address from
> jdoe: Couldn't find row (/usr/share/request-tracker3.8/lib/RT/EmailParser.p
> 
> 
> ###################################
> # ExternalAuth Configuration
> ###################################
> 
> Set ( $ExternalAuthPriority,  [ 'GFU_LDAP' ] );
> 
> #Set ( $ExternalInfoPriority,  [ 'GFU_LDAP' ] );
> 
> Set($ExternalServiceUsesSSLorTLS,    0);
> 
> Set($AutoCreateNonExternalUsers, 0);
> 
> Set($ExternalSettings, {
> 'GFU_LDAP' => {
> 'type'                      =>  'ldap',
> 'server'                    =>  'server.georgefox.edu',
> 'user'                      =>  'CN=User,OU=Group,DC=Base,DC=Base,DC=edu',
> 'pass'                      =>  'Password',
> 'base'                      =>  'DC=Group,DC=Base,DC=edu',
> 'filter'                    =>  '(objectClass=user)',
> 'd_filter'                  =>  '(objectClass=Doesntexist)',
> 'tls'                       =>  0,
> 'ssl_version'               =>  3,
> 'net_ldap_args'             => [    version =>  3, port => 636   ],
> 'group'                     =>  'CN=User,OU=Group,DC=Base,DC=Base,DC=edu',
> 'group_attr'                =>  'member',
> 'attr_match_list'           => ['Name',],
> 'attr_map'                  =>  {'Name' => 'sAMAccountName',
>                                  'EmailAddress' => 'mail',
>                                  'ExternalAuthId' => 'sAMAccountName',
>                                  'Gecos' => 'sAMAccountName',
>                                 }
> }
> }
> );
> 
> Before I commended out ExternalInfoPriority, this is what was in the log
> file:
> 
> [Wed Feb 15 23:28:49 2012] [debug]:
> RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
> RT::Authen::ExternalAuth
> /usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
> 668 with: Comments: Autocreated when added as a watcher, Disabled: ,
> EmailAddress: , Name: , Privileged: , RealName: jdoe
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
> [Wed Feb 15 23:28:49 2012] [debug]: Attempting to get user info using this
> external service: GFU_LDAP
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
> [Wed Feb 15 23:28:49 2012] [debug]: Attempting to use this canonicalization
> key: Name
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:587)
> [Wed Feb 15 23:28:49 2012] [debug]: This attribute ( Name ) is null or
> incorrectly defined in the attr_map for this service ( GFU_LDAP )
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:589)
> [Wed Feb 15 23:28:49 2012] [info]:
> RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments:
> Autocreated when added as a watcher, Disabled: , EmailAddress: , Name: ,
> Privileged: , RealName: jdoe
> (/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
> [Wed Feb 15 23:28:54 2012] [crit]: Failed to create user : Could not set
> user info (/usr/share/request-tracker3.8/lib/RT/User_Overlay.pm:513)
> 
> =+=+=+=+=+=+=+=+=+
> Ryan Backman
> Programmer / Analyst
> George Fox University
> 503.554.2576
> =+=+=+=+=+=+=+=+=+

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20120216/b3b953ed/attachment.sig>

More information about the rt-users mailing list