Different authentication methods for different queues

Hello RT-Users,

I thought I’d come here first to see if anyone else has tried the above before I make life difficult for myself :slight_smile:

Like many of you here, we have an RT system at my place of employ. I mighty fine job it does as well…

We have our rt web interface behind https requiring authentication through LDAP.

However we have certain queues that would like to provide outsiders (that is, people outside our LDAP) to connect to, preferably with a more limited interface. Their authentication could be through something like .htpassword

Has anyone tried anything like this?

Regards,

Lev Lafayette (03) 9925 4909, Systems Administrator, Victorian Partnership for Advanced Computing
"If you are sending a reply to a message or a posting be sure you summarize the original at the top of the message, or include just enough text of the original to give a context. This will make sure readers understand when they start to read your response."
RFC 1855

We have our rt web interface behind https requiring authentication through LDAP.

However we have certain queues that would like to provide outsiders (that is, people outside our LDAP) to connect to, preferably with a more limited interface. Their authentication could be through something like .htpassword

Has anyone tried anything like this?

If you’re achieving your ldap auth via the apache module, it will be
more difficult. However, if you can use it, the
RT::Authen::ExternalAuth module will allow you to set up multiple
authentication sources.

http://wiki.bestpractical.com/view/ExternalAuth

I have it working using two ldap sources.

Andy Harrison
public key: 0x67518262

We have our rt web interface behind https requiring authentication through LDAP.

However we have certain queues that would like to provide outsiders (that is, people outside our LDAP) to connect to, preferably with a more limited interface. Their authentication could be through something like .htpassword

Has anyone tried anything like this?

If you’re achieving your ldap auth via the apache module, it will be
more difficult. However, if you can use it, the
RT::Authen::ExternalAuth module will allow you to set up multiple
authentication sources.

http://wiki.bestpractical.com/view/ExternalAuth

I have it working using two ldap sources.

If you’re using RT::Authen::ExternalAuth then you can just use
internal RT accounts and the SelfService UI and configure your rights
properly and you’ll get the feature the original poster sounds like he
was looking for.

-kevin

We have our rt web interface behind https requiring authentication
through LDAP.

However we have certain queues that would like to provide
outsiders (that is, people outside our LDAP) to connect to, preferably
with a more limited interface. Their authentication could be through
something like .htpassword

Has anyone tried anything like this?

If you’re achieving your ldap auth via the apache module, it will
be
more difficult. However, if you can use it, the
RT::Authen::ExternalAuth module will allow you to set up multiple
authentication sources.

http://wiki.bestpractical.com/view/ExternalAuth

I have it working using two ldap sources.

If you’re using RT::Authen::ExternalAuth then you can just use
internal RT accounts and the SelfService UI and configure your rights
properly and you’ll get the feature the original poster sounds like
he
was looking for.

I want to express my most sincere thanks to both Kevin and Andy for their
assistance here; exactly what I was looking for.

All the best,

Lev Lafayette, Systems Administrator, Victorian Partnership for Advanced Computing, lev@vpac.org
"If you are sending a reply to a message or a posting be sure you summarize the original at the top of the message, or include just enough text of the original to give a context. This will make sure readers understand when they start to read your response." RFC 1855
110 Victoria Street phone: 03 9925 4909
Carlton South, Victoria 3053, Australia mobile: 0432 255 208