[rt-users] Auto creating user email addresses from CAS authenticated RT SelfService
Kevin Falcone
falcone at bestpractical.com
Fri Jun 14 11:58:37 EDT 2013
On Mon, Jun 10, 2013 at 09:29:20PM -0700, Duncan Napier wrote:
> OK ... I solved the problem. After some looking around and re-examining my old code, I found for RT 4.0.8, go to /lib in your "rt" directory (eg /var/rt or /usr/local/rt) so for me I edited in
> /usr/local/rt/lib/RT/Interface/Web.pm
Rather than overriding code in RT and making upgrades harder (you're
already behind 5 versions, including some security releases) you can
make a local/lib/RT/Interface/Web_Local.pm and only override the one
method you're changing.
I'd probably make the change in a User_Local.pm file changing the
RT::User::CanonicalizeUserInfo method, but there are many ways to fix
this.
-kevin
> ############### Start Code Fragment
>
> sub WebExternalAutoInfo {
>
> my $user = shift;
>
> my %user_info;
>
>
> # default to making Privileged users, even if they specify
>
> # some other default Attributes
>
> if ( !$RT::AutoCreate
>
> || ( ref($RT::AutoCreate) && not exists $RT::AutoCreate->{Privileged} ) )
>
> {
>
> $user_info{'Privileged'} = 1;
>
> }
>
> ############## End Code Fragment
>
> and add the line
>
> $user_info{'EmailAddress'} = "$user\@mycompany.com";
>
>
> ############### Start Code Fragment
>
>
>
> sub WebExternalAutoInfo {
>
> my $user = shift;
>
> my %user_info;
>
> $user_info{'EmailAddress'} = "$user\@mycompany.com";
>
> # default to making Privileged users, even if they specify
>
> # some other default Attributes
>
> if ( !$RT::AutoCreate
>
> || ( ref($RT::AutoCreate) && not exists $RT::AutoCreate->{Privileged} ) )
>
> {
>
> $user_info{'Privileged'} = 1;
>
> }
>
> ############## End Code Fragment
>
> You may (?) also have to add
>
> $user_info{'Privileged'} = 0;
>
> along with
>
> $user_info{'EmailAddress'} = "$user\@mycompany.com";
>
> if you want your newly-created user to be Unpriviliged, which is standard for RT SelfServe. I'm not sure what happens when you ask to autocreate priviliged (internal) users ... I believe in the case of RT_SiteConfig.pm to enable external authentication (like CAS or LDAP):
>
> Set($WebExternalAuth , '1');
> Set($WebFallbackToInternalAuth , '1');
> Set($WebExternalGecos , undef);
> Set($WebExternalAuto , '1');
>
> And now for each new user, the field 'EmailAddress'is populated with "$user at mycompany.com"
>
> Have fun with it, people!
>
> Duncan.
>
> ----- Original Message -----
> > Hello,
> >
> > I am currently migrating from RT 3.4.5-2 (2006) on Fedora Core 4 to
> > RT 4.0.8 on Centos 6.2. The reasons are many, including aging
> > platform, move to virtualization etc.
> >
> > The new RT, like the old one, does external authentication through
> > CAS (Central Authentication Service). Basically users always
> > initiate a support request through the RT SelfServe website by
> > authenticating with single sign-on credentails (username, password).
> >
> > The system generates a new user the first time the user logs in
> > populates the "Identity" Username and "Unix login" Username from
> > their login credentials. On the old system, loggin in for the first
> > time also autogenerates an email by concatenating the "Identity"
> > with the email domain suffix ("@mydomain.com").
> >
> > So for example, person with ID newuser, logs in for the first time,
> > and their Email field is populated with "newuser at mydomain.com", and
> > nothing needs to be done from my end.
> >
> > For some reason, it does not do this on the new system. I seem to
> > recall some 7 years ago adding a hack to set this autocreation of
> > the email field using the username. I have searched but can't find
> > anything and searched through the code to see where/how it was
> > implemented, but I am at a loss.
> >
> > Does anyone know how this is done in RT 4.x? Other than putting it in
> > manually, I haven't been able to figure out how to do this. Thanks
> > in advance.
> >
> >
> >
> >
>
> --
>
> Regards,
>
> Duncan.
>
> -----------------------------------------------------------------------
> Duncan Napier
> duncan_napier at sfu.ca
> http://www.sfu.ca/~dgnapier/
> IT & Instrumentation Consultant
> Dept of Molecular Biology and Biochemistry
> Simon Fraser University
>
> "It takes ten years to become good at being a kid. Then another ten years
> to become good at not being a kid" - Larry Wall.
>
>
>
> --
> RT Training in Seattle, June 19-20: http://bestpractical.com/training
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 235 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20130614/824887ff/attachment.sig>
More information about the rt-users
mailing list