Authenticating other things against RT's user database

This is something I just hacked up (with a little help from
the excelent mod_perl Developer’s Cookbook since I haven’t really
touched mod_perl in aeons now and was a tad rustier than I thought :slight_smile:
that may be of interest to someone.

    The situation:

    I've just installed Nagios (http://www.nagios.org/), a web

based network monitoring application. The guts of its interface are a
bunch of C (eeew :slight_smile: CGI programs that can be password protected. The
installation instructions tell you to setup the usual apache
AuthUserFile et al in an .htaccess file. Since I’ve installed nagios
on the same machine as my RT instance and pretty much everyone who’d
be accessing it already had RT accounts, it made sense to not add yet
another password when RT was already there.

    Keep in mind that this is using Basic authentication, so you

probably don’t want to be using it on something travelling over a
public network (or over anything other than an SSL connection for the
prudently paranoid).

    There's a small USAGE section at the bottom of the code.  If

you need more help than that, see the apache documentation such as:

http://httpd.apache.org/docs/howto/auth.html

—>8 Cut here 8<—

RTAuth – PerlAuthHandler for authenticating against RT’s user list

$Id$

package RTAuth;

use strict;

use DBI;
use Apache::Constants qw( OK AUTH_REQUIRED );

use RT ();
use RT::CurrentUser ();

sub handler {
my $r = shift;

my( $status, $pw ) = $r->get_basic_auth_pw;

return $status unless $status == OK;

RT::Init();

my $u = RT::CurrentUser->new();
unless( $u->Load($r->user) and $u->id() ) {
$r->log_error( "RT::CurrentUser->Load failed: ", $r->user );
return AUTH_REQUIRED;
}

return OK if $u->IsPassword( $pw );

return AUTH_REQUIRED
}

1;

END

=head1 USAGE

Put something resembling the following in a C<> or
C<>
section, or in a C<.htacess> file.

PerlAuthenHandler RTAuth

AuthName "RT Access"
AuthType Basic
Require valid-user

=head1 COPYING

Copyright 2002, Mike Fletcher.

This module may be distributed under the same terms as Perl.

=head1 AUTHOR

Mike Fletcher, fletch@cpan.org

=cut

—>8 Cut here 8<—

Fletch | "If you find my answers frightening, `’/|
fletch@phydeaux.org | Vincent, you should cease askin’ \ o.O’
770 933-0600 x211(w) | scary questions." – Jules =(
_)=
| U