Fresh install, REST 1.0 folders are returning HTML code instead of running scripts

SwampHuksy · April 15, 2025, 7:43pm

Hello! We are migrating from an old 4.4.1 install to 5.0.7. I did a fresh install of 5.0.7 on a new server, dumped/migrated/upgraded the old database. The actual web site works fine, the users are in there working on tickets. No problems with any of that.

The only problem I’m having now is that I can’t get the REST 1.0 API to work, specifically with the rt-mailgate. We use fetchmail to pull waiting e-mails into the system from an IMAP server.

When I run it, instead of bringing the e-mails into RT, it just dumps a copy of the RT login page and “The RT server which handled your email did not behave as expected”.

No matter what path I try to go to via curl when testing, it returns that same page. Tried url/REST/1.0 by itself, and url/REST/1.0/NoAuth/mail-gateway. No matter what I do it just returns that same RT login page.

RT itself is behind a CAS authentication, and I’ve exempted the local server from that as you’ll see below. I had the same setup on the old server, just with the older Apache directives. So it’s not hitting CAS, but it’s getting a 302 redirect to /NoAuth/Login.html no matter what I do.

The old server was Apache 2.2 and using fastcgi. The new one is Apache 2.4 using fcgid, so between the new Apache directives and the configuration for fcgid being different than fastcgi I’m sure I missed something somewhere.

I am using the MPM Prefork.

What would cause Apache to treat the REST pages like regular HTML pages and force a redirect to it’s own login?

Here’s my Apache conf:

<VirtualHost x.x.x.x:443>
    DocumentRoot /opt/rt5/share/html
    ServerName server.name:443
    ErrorLog logs/rt-error_log
    CustomLog logs/rt-access_log common

  CASLoginURL "https://casurl"
  CASValidateURL "https://casvalurl"
  CASTimeout 43200
  CASIdleTimeout 43200

AddDefaultCharset UTF-8
Alias /NoAuth/images/ /opt/rt5/share/html/NoAuth/images/
ScriptAlias / /opt/rt5/sbin/rt-server.fcgi/

<Location />
        Options +ExecCGI
        AddHandler fcgid-script fcgi
        Require ip x.x.x.x # Set to allow local server to bypass CAS. 
        Require valid-user
        AuthType CAS
        AuthName "CAS Stuff"
</Location>
</VirtualHost>

Here’s my fcgid.conf:

AddHandler fcgid-script fcg fcgi fpl
FcgidIPCDir /run/mod_fcgid
FcgidProcessTableFile /run/mod_fcgid/fcgid_shm
FcgidMaxRequestLen 1073741824

IdleTimeout 300
BusyTimeout 300
ProcessLifeTime 7200
IPCConnectTimeout 300
IPCCommTimeout 7200

Here’s the logs showing the connection, and then the redirect to the Login page:

[15/Apr/2025:15:02:58 -0400] "POST /REST/1.0/NoAuth/mail-gateway HTTP/1.1" 302 -
[15/Apr/2025:15:02:58 -0400] "POST /NoAuth/Login.html?next=f9499884d6176706a37a5ea130cc5e2a HTTP/1.1" 200 5541

Any help would be appreciated!

sollericos · April 16, 2025, 5:13am

Hi. Following the docs (I can’t remember which one) try adding the following inside virtualhost section:

<VirtualHost>
.
.
.
        <Location /REST/1.0/NoAuth/mail-gateway>
                Require local
        </Location>
</VirtualHost>