ExternalAuth for only Auth

Is there a way to tell ExternalAuth to only Authenticate and forget about
trying to CanonicalizeUserInfo?

I create tickets through an external REST API and create the user at the
same time as the ticket. We have users that are in AD and do not have an
email address, I pull their address from a database.

Here is the relevant snippet from the log file:

[Thu Feb 16 00:57:18 2012] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
RT::Authen::ExternalAuth
/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
668 with: Disabled: , EmailAddress: user@hotmail.com, Name: jdoe,
Privileged: , RealName: John Doe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
[Thu Feb 16 00:57:18 2012] [warning]: Use of uninitialized value $_[1] in
join or string at /usr/share/perl5/Log/Dispatch.pm line 21.
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Thu Feb 16 00:57:18 2012] [debug]: Attempting to get user info using this
external service:
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Thu Feb 16 00:57:18 2012] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Disabled: ,
EmailAddress: jdoe@hotmail.com, Name: jdoe, Privileged: , RealName: John
Doe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
[Thu Feb 16 00:57:19 2012] [debug]: Got a resolved(inactive) ticket with
undefined resolved date. Setting to now.
(/usr/share/request-tracker3.8/lib/RT/Ticket_Overlay.pm:361)
[Thu Feb 16 00:57:19 2012] [error]: Unable to parse an email address from
jdoe: Couldn’t find row (/usr/share/request-tracker3.8/lib/RT/EmailParser.p

ExternalAuth Configuration

Set ( $ExternalAuthPriority, [ ‘GFU_LDAP’ ] );

#Set ( $ExternalInfoPriority, [ ‘GFU_LDAP’ ] );

Set($ExternalServiceUsesSSLorTLS, 0);

Set($AutoCreateNonExternalUsers, 0);

Set($ExternalSettings, {
‘GFU_LDAP’ => {
‘type’ => ‘ldap’,
‘server’ => ‘server.georgefox.edu’,
‘user’ => ‘CN=User,OU=Group,DC=Base,DC=Base,DC=edu’,
‘pass’ => ‘Password’,
‘base’ => ‘DC=Group,DC=Base,DC=edu’,
‘filter’ => ‘(objectClass=user)’,
‘d_filter’ => ‘(objectClass=Doesntexist)’,
‘tls’ => 0,
‘ssl_version’ => 3,
‘net_ldap_args’ => [ version => 3, port => 636 ],
‘group’ => ‘CN=User,OU=Group,DC=Base,DC=Base,DC=edu’,
‘group_attr’ => ‘member’,
‘attr_match_list’ => [‘Name’,],
‘attr_map’ => {‘Name’ => ‘sAMAccountName’,
‘EmailAddress’ => ‘mail’,
‘ExternalAuthId’ => ‘sAMAccountName’,
‘Gecos’ => ‘sAMAccountName’,
}
}
}
);

Before I commended out ExternalInfoPriority, this is what was in the log
file:

[Wed Feb 15 23:28:49 2012] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by
RT::Authen::ExternalAuth
/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm
668 with: Comments: Autocreated when added as a watcher, Disabled: ,
EmailAddress: , Name: , Privileged: , RealName: jdoe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:565)
[Wed Feb 15 23:28:49 2012] [debug]: Attempting to get user info using this
external service: GFU_LDAP
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:573)
[Wed Feb 15 23:28:49 2012] [debug]: Attempting to use this canonicalization
key: Name
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:587)
[Wed Feb 15 23:28:49 2012] [debug]: This attribute ( Name ) is null or
incorrectly defined in the attr_map for this service ( GFU_LDAP )
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:589)
[Wed Feb 15 23:28:49 2012] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Comments:
Autocreated when added as a watcher, Disabled: , EmailAddress: , Name: ,
Privileged: , RealName: jdoe
(/usr/local/share/request-tracker3.8/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:651)
[Wed Feb 15 23:28:54 2012] [crit]: Failed to create user : Could not set
user info (/usr/share/request-tracker3.8/lib/RT/User_Overlay.pm:513)

Ryan Backman
Programmer / Analyst
George Fox University
503.554.2576

Is there a way to tell ExternalAuth to only Authenticate and forget about
trying to CanonicalizeUserInfo?

Yes - but rather than doing this:

#Set ( $ExternalInfoPriority, [ ‘GFU_LDAP’ ] );

try this

Set ( $ExternalInfoPriority, [ ] );

You also didn’t give your RT or RT-Authen-ExternalAuth versions and
your line numbers are odd enough that I can tell you’re using an older
version and I hesitate to suggest more without knowing exactly what’s
going on.

-kevin

I’m using RT 3.8.7 and RT-Authen-ExternalAuth 0.09_03.

Ryan Backman
Programmer / Analyst
George Fox University
503.554.2576On Thu, Feb 16, 2012 at 9:13 AM, Kevin Falcone falcone@bestpractical.comwrote:

You also didn’t give your RT or RT-Authen-ExternalAuth versions and
your line numbers are odd enough that I can tell you’re using an older
version and I hesitate to suggest more without knowing exactly what’s
going on.

I’m using RT 3.8.7 and RT-Authen-ExternalAuth 0.09_03.

Ok, so try with my recommended configuration and send the complete log
of the failure this time (you truncated the EmailParser error and
don’t show the actual failure in the first log, just the warnings from
ExternalAuth).

If you want to avoid needing to set an empty list, you can try the tip
of the git repo, which is one commit past 0.09_03

You may also want to tell us more about how you’re creating the
ticket and triggering the user creation. You should be aware that RT
always calls CanonicalizeUserInfo on user creation, but
RT-Authen-ExternalAuth should be a no-op in that case,

-kevin> On Thu, Feb 16, 2012 at 9:13 AM, Kevin Falcone <[1]falcone@bestpractical.com> wrote:

 You also didn't give your RT or RT-Authen-ExternalAuth versions and
 your line numbers are odd enough that I can tell you're using an older
 version and I hesitate to suggest more without knowing exactly what's
 going on.