Is this possible ? IS there any documentation or howtos out there on the
subject ?
I’ve looked around some but can’t find anything, so my apologies if its
obvious 
Cheers,
Al
Is this possible ? IS there any documentation or howtos out there on the
subject ?
RT lets you delegate authentication to your webserver. Do that. Then do
this:
Date: Sun, 6 Jun 2004 17:37:58 -0400
From: Jesse Vincent jesse@bestpractical.com
To: Alan Horn ahorn@deorth.org
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Authenticating to RT using PAM ?
Is this possible ? IS there any documentation or howtos out there on the
subject ?RT lets you delegate authentication to your webserver. Do that. Then do
this:
That looks like just what I need… thanks !
One more question… it says in config.pm that RT will ‘defer’ to
REMOTE_USER. Does it only do that if REMOTE_USER is defined (I’d test but
I don’t have a test instance running right now…)
I can see a situation where my internal support folks go to RT via
centralised PAM for auth (e.g. via a webserver redirect that defined the
variable), and the external customers still use the RT database. Is this
doable ?
Cheers,
Al
That looks like just what I need… thanks !
One more question… it says in config.pm that RT will ‘defer’ to
REMOTE_USER. Does it only do that if REMOTE_USER is defined (I’d test but
I don’t have a test instance running right now…)
Take a read through the configuration file. If you still have questions,
ask again.
Date: Sun, 6 Jun 2004 18:30:33 -0400
From: Jesse Vincent jesse@bestpractical.com
To: Alan Horn ahorn@deorth.org
Cc: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Authenticating to RT using PAM ?That looks like just what I need… thanks !
One more question… it says in config.pm that RT will ‘defer’ to
REMOTE_USER. Does it only do that if REMOTE_USER is defined (I’d test but
I don’t have a test instance running right now…)Take a read through the configuration file. If you still have questions,
ask again.
I did that… I see two things that seem relevant :
LookupExternalUserInfo structure
and
If $WebExternalAuth is defined, RT will defer to the environment’s
REMOTE_USER variable.
$WebExternalAuth = undef;
So my question is… if I define $WebExternalAuth and then don’t define
$REMOTE_USER via the webserver, will RT then fall through to its internal
authentication database.
It’s not clear to me from reading the configuration file that it will, or
won’t.
I should of course mention that this is RT2.0.15 (sorry for not stating
that earlier)
Cheers,
Al
Take a read through the configuration file. If you still have questions,
ask again.I did that… I see two things that seem relevant :
So my question is… if I define $WebExternalAuth and then don’t define
$REMOTE_USER via the webserver, will RT then fall through to its internal
authentication database.
Look again for:
$WebFallbackToInternalAuth
$WebExternalGecos
$WebExternalAuto
Thanks,
/Autrijus/
So my question is… if I define $WebExternalAuth and then don’t define
$REMOTE_USER via the webserver, will RT then fall through to its internal
authentication database.Look again for:
$WebFallbackToInternalAuth
$WebExternalGecos
$WebExternalAutoThanks,
/Autrijus/
These variables are not in my (2.0.15) config.pm file. I don’t recall
deleting them, but it’s possible. The original file in my distribution
doesn’t seem to have them either.
Is this an RT3 thing ?
Look again for:
$WebFallbackToInternalAuth
$WebExternalGecos
$WebExternalAutoThese variables are not in my (2.0.15) config.pm file. I don’t recall
deleting them, but it’s possible. The original file in my distribution
doesn’t seem to have them either.Is this an RT3 thing ?
Oh. Yes. You really want RT3 if you want falling back to internal auth.
I also hear that rt2-to-rt3 converter is quite robust nowadays. 
Thanks,
/Autrijus/