Gavin,
I asked this yesterday and Jessie invited me to send him a patch for it.
I have one that works for authenticating against an external auth source by
picking up $ENV{‘REMOTE_USER’} but there are issues with it. One of the big
advantages of RT2 (In my view) is it’s ability to let requestors look at
their tickets. The patch I currently have causes you to lose that ability.
I’m looking at modifying the user creation routines to somehow create
correct usernames to authenticate against web server auth but there are
serious issues with that. Do all your email address left hand side match
your NT/Kerberos/whatever usernames? Do you get mail from external users?
Etc., etc…
If you don’t mind not allowing requestors to be able to get in to look at
their own tickets, then this will work. There isn’t any config.pm knob or
anything, if you add this then it’s going to get the remote username from
the browser and try to load a user by that username. Warning only tested
for about 30 minutes before I decided I needed to do a lot more work before
I had what I need here.
*** autohandler.orig Thu Jun 28 13:00:35 2001
— autohandler Thu Jun 28 14:07:35 2001
*** 2,31 ****
<& /Elements/Footer &>
<%INIT>
#if it’s a noauth file, don’t ask for auth.
if ($m->base_comp->path =~ ‘^/NoAuth/’) {
$m->call_next();
$m->abort();
! }
!
If the user is loging in, let’s authenticate
! elsif (defined ($user) && defined ($pass)){
! $session{‘CurrentUser’} = RT::CurrentUser->new();
! $session{‘CurrentUser’}->Load($user);
! unless ($session{‘CurrentUser’}->id() ) {
! delete $session{‘CurrentUser’};
! $m->comp(‘/Elements/Login’, %ARGS, Error=> ‘Your username or
password is incorrect’);
! $m->abort();
! };
! unless ($session{‘CurrentUser’}->IsPassword($pass)) {
! delete $session{‘CurrentUser’};
! $m->comp(‘/Elements/Login’, Error => ‘Your username or password is
incorrect’, %ARGS);
! $m->abort();
}
! }
!
#If we’ve got credentials, lets serve the file up.
if ( (defined $session{‘CurrentUser’}) and
— 2,41 ----
<& /Elements/Footer &>
<%INIT>
#if it’s a noauth file, don’t ask for auth.
if ($m->base_comp->path =~ ‘^/NoAuth/’) {
$m->call_next();
$m->abort();
! } else {
!
! if ( defined $ENV{‘REMOTE_USER’} ) {
! $user = $ENV{‘REMOTE_USER’};
! $session{‘CurrentUser’} = RT::CurrentUser->new();
! $session{‘CurrentUser’}->Load($user);
! unless ($session{‘CurrentUser’}->id() ) {
! delete $session{‘CurrentUser’};
! $m->comp(‘/Elements/Login’, %ARGS, Error=> “In External
Authentication your username ($user) is incorrect.”);
! $m->abort();
! };
If the user is loging in, let’s authenticate
! } elsif (defined ($user) && defined ($pass)){
! $session{‘CurrentUser’} = RT::CurrentUser->new();
! $session{‘CurrentUser’}->Load($user);
! unless ($session{‘CurrentUser’}->id() ) {
! delete $session{‘CurrentUser’};
! $m->comp(‘/Elements/Login’, %ARGS, Error=> ‘Your username or
password is incorrect’);
! $m->abort();
! };
! unless ($session{‘CurrentUser’}->IsPassword($pass)) {
! delete $session{‘CurrentUser’};
! $m->comp(‘/Elements/Login’, Error => ‘Your username or
password is incorrect’, %ARGS);
! $m->abort();
! }
}
! }
#If we’ve got credentials, lets serve the file up.
if ( (defined $session{‘CurrentUser’}) and