[rt-users] External Auth config with RT on Debian

Jeff Solberg jsolberg at intrepidls.com
Tue Jul 2 18:01:15 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

After opening up the permissions on the directory where the External Auth Plugin lives (/usr/local/share/request-tracker4/) to my apache user I am now able to get logged into RT with a AD user!!!!! Prior to doing this root owned all these directories with only read permissions..

And looking at the logs I am now seeing a ton of chatter relating to this. Thanks for all your help.

Jeff


- -----Original Message-----
From: rt-users-bounces at lists.bestpractical.com [mailto:rt-users-bounces at lists.bestpractical.com] On Behalf Of Kevin Falcone
Sent: Tuesday, July 02, 2013 1:24 PM
To: rt-users at lists.bestpractical.com
Subject: [secure] Re: [rt-users] External Auth config with RT on Debian
Sensitivity: Confidential

* PGP Signed by an unknown key

On Tue, Jul 02, 2013 at 05:22:32PM +0000, Jeff Solberg wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Kevin,
> 
> In System Configuration in the Web UI I show the following being read in RT. 
> 
> LogToFile	'debug'	site config
> LogToFileNamed	'rt.log'	site config
> LogToScreen		'debug'	site config
> LogToSyslog 	''		site config
> Plugins 		'RT::Authen::ExternalAuth'	site config
> 
> Then under loaded Perl Modules I see
> 
> RT::Authen::ExternalAuth	0.16		/usr/local/share/request-tracker4/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
> 
> I would definably agree with you that the plugin is not being run because I have done TCP Packet dumps as I was logging in and there is no activity being sent to my LDAP Server/DC. Oddly enough one would think that with the debugging set it would be telling me something. As I stated earlier the only message being logged in RT.LOG is the FAILED LOGON message. I will look at the permissions on the plugin. Should it be readable by www-data? Thanks again for your help on this. I really need to get this working so I can then move on to the next phase and tailor it to my companies needs.

It should be readable by the user your webserver runs as.
Clearly the perl module loads, but the Mason components (under the html directory in the plugin) don't seem to be running.

There will be no extra debugging unless the plugin is running.

- -kevin

* Unknown Key
* 0x9E42250A

-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 3.2.1 (Build 4940)
Charset: us-ascii

wsBVAwUBUdNNrU8vfChWkpdqAQh4uAf/e7E9F1DV7qYLOSj2Giqv3UiI8cGBom/f
LUMInMyCjUlPnZOlXDRvcweRlYS/yFOPMJvOUvabzGm3R/WvKJ96X6MpowxVTYLU
KifS8SZ+RdpnZkGikWr4z8Omnlj+UkpsIrnTpC+EhTBIZmLTWGLr+Xzg0WO7WdpK
EushxB0HWGjdE0e1bj/UxVJD+Arr7S279Wi/VUF4/RF7iaNZlkC5/pHnga0oJV7w
+J5XcPSoDxo0eDfd62XkuAA5+38WqqSnIguz1TFmehEWCwx6zjh/862VWxyMjtzT
MdiF/qw2VjHBXXfnObhwSi9f62H7WwakUdoGFTo0ecp5xCRKh3e1HA==
=mU2I
-----END PGP SIGNATURE-----



More information about the rt-users mailing list