LDAP and autohandler

Hi All!

I’m trying to get our new RT installation (2.0.11) running with LDAP, and I
could really use some help. My Unix knowledge is pretty good, but I’m
definitely not a programmer! I’ll get to my problems in a minute.

Jesse,

Having gone down the “Clarify” road (courtesy our IS department), and turned
to RT2 instead, I really have to say that you have a wonderful product here.
RT2 does more in my application (supporting an R&D environment of 500 users,
with a support team of 6 lab techs) than “Clarify” could ever do. I’m
really impressed with RT, and I haven’t even got the mail gateway up yet
(waiting on IS to point my e-mail addresses to my server). Lots of people
seem to need or want LDAP authentication; I’m wondering if you could build
it in to the base system, and if people need it, they could copy over the
appropriate files much like nsswitch.conf.
(i.e. cp autohandler.LDAP autohandler and cp config.LDAP config.pm). Just
a thought…

Now, on to my LDAP woes… If anyone has a working version of this that
they’d like to post or e-mail me, your help would be greatly appreciated!
I’m under the gun to get this running ASAP, because my 5 team members and I
are just drowning in work!

I’ve put in the LDAP mod for External Users into config.pm. I’ve also tried
the autohandler mod shown in the following link (I have e-mailed the
contributor off list, and I’m hoping he’s still around to be able to
answer).

http://lists.fsck.com/pipermail/rt-users/2001-September/004423.html

I would like to go with the autohandler route as opposed to just turning on
the WebExternalAuth, as RT’s login screen is much nicer, and the ability to
’logout’ is a requirement in my lab environment, where many users share
workstations.

The problems I’m having with the autohandler mod is that root can’t log-in
(mason errors) and something’s not quite right with our LDAP
authentication… I keep getting
Error
Login failed: LDAP_NO_SUCH_OBJECT

I think my LDAP problem may be in this line

my $dn = “uid=” . $user . “,o=our company, c=ca”;

but I can’t see what’s wrong with this.

Here’s the mason error for root logins:

error in file: /usr/local/rt2/WebRT/data/obj/STANDARD/autohandler
line 72: Can’t call method “id” on an undefined value

context: …
68: }
69:
70: } else

71:
72: unless ($session{‘CurrentUser’}->id() )

73: delete $session{‘CurrentUser’};
74: $m->comp(’/Elements/Login’, %ARGS, Error=> ‘Your username or password
is incorrect’);
75: $m->abort();
76: };

component stack: /autohandler [standard]

code stack: /usr/local/rt2/WebRT/data/obj/STANDARD/autohandler:72

raw_error

raw error:

error while executing /autohandler [standard]:
Can’t call method “id” on an undefined value at
/usr/local/rt2/WebRT/data/obj/STANDARD/autohandler line 72, line 1.
HTML::Mason::Interp::ANON(‘Can’t call method “id” on an undefined value
at /usr/local/rt2/…’) called at
/usr/local/rt2/WebRT/data/obj/STANDARD/autohandler line 72
HTML::Mason::Commands::ANON(‘pass’, ‘labsup’, ‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Component.pm line 131
HTML::Mason::Component::run(‘HTML::Mason::Component::FileBased=HASH(0x109eb7
c)’, ‘pass’, ‘labsup’, ‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 653
eval {…} called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 653
HTML::Mason::Request::comp(‘HTML::Mason::Request::ApacheHandler=HASH(0x10859
b4)’, ‘HASH(0x108d7d4)’,
‘HTML::Mason::Component::FileBased=HASH(0x109eb7c)’, ‘pass’, ‘labsup’,
‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 159
eval {…} called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 159
HTML::Mason::Request::exec(‘HTML::Mason::Request::ApacheHandler=HASH(0x10859
b4)’, ‘/index.html’, ‘pass’, ‘labsup’, ‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/ApacheHandler.pm line 914
HTML::Mason::ApacheHandler::handle_request_1(‘HTML::Mason::ApacheHandler=HAS
H(0xf369fc)’, ‘Apache=SCALAR(0xfb5678)’,
‘HTML::Mason::Request::ApacheHandler=HASH(0x10859b4)’, undef) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/ApacheHandler.pm line 560
eval {…} called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/ApacheHandler.pm line 560
HTML::Mason::ApacheHandler::handle_request(‘HTML::Mason::ApacheHandler=HASH(
0xf369fc)’, ‘Apache=SCALAR(0xfb5678)’) called at
/usr/local/rt2/bin/webmux.pl line 165
RT::Mason::handler(‘Apache=SCALAR(0xfb5678)’) called at /dev/null line 0
eval {…} called at /dev/null line 0

Any help would be greatly appreciated! Thanks for your time, and for wading
through this huge e-mail!

Michael K. Brown
Lab Technician
ATM Engineering Services - Lab Services
Tel: (613) 784-4354
michael.k.brown@alcatel.com

The line below tells you that Net::LDAP could not find any
objects …

  • I think you have the DN/and or base wrong.

The build of the DN is important, if you do not have the exact structure
of you schema, you might just want to connect first and do a search
along the lines of

(&(objectclass=inetorgperson)(uid=$uid))

Where the $uid should correspond to an existing $uid in the Directory.

I put an “Offline” or batch oriented contrib up there in the contrib-2.0
director, it’s called
LDAPsynch.tar.gz or something like that, you could steal some code
from there, I do a similar thing - just scan through all email addresses
and copy data over from LDAP so all of our users have correct
phone-numbers and addresses…

/JE

Login failed: LDAP_NO_SUCH_OBJECT

I think my LDAP problem may be in this line

my $dn = “uid=” . $user . “,o=our company, c=ca”;

but I can’t see what’s wrong with this.

Here’s the mason error for root logins:

error in file: /usr/local/rt2/WebRT/data/obj/STANDARD/autohandler
line 72: Can’t call method “id” on an undefined value

context: …
68: }
69:
70: } else

71:
72: unless ($session{‘CurrentUser’}->id() )

73: delete $session{‘CurrentUser’};
74: $m->comp(’/Elements/Login’, %ARGS, Error=> ‘Your username or password
is incorrect’);
75: $m->abort();
76: };

component stack: /autohandler [standard]

code stack: /usr/local/rt2/WebRT/data/obj/STANDARD/autohandler:72

raw_error

raw error:

error while executing /autohandler [standard]:
Can’t call method “id” on an undefined value at
/usr/local/rt2/WebRT/data/obj/STANDARD/autohandler line 72, line 1.
HTML::Mason::Interp::ANON(‘Can’t call method “id” on an
undefined value
at /usr/local/rt2/…’) called at
/usr/local/rt2/WebRT/data/obj/STANDARD/autohandler line 72
HTML::Mason::Commands::ANON(‘pass’, ‘labsup’, ‘user’, ‘root’)
called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Component.pm line 131
HTML::Mason::Component::run(‘HTML::Mason::Component::FileBased=HAS
H(0x109eb7
c)’, ‘pass’, ‘labsup’, ‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 653
eval {…} called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 653
HTML::Mason::Request::comp(‘HTML::Mason::Request::ApacheHandler=HA
SH(0x10859
b4)’, ‘HASH(0x108d7d4)’,
‘HTML::Mason::Component::FileBased=HASH(0x109eb7c)’, ‘pass’, ‘labsup’,
‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 159
eval {…} called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/Request.pm line 159
HTML::Mason::Request::exec(‘HTML::Mason::Request::ApacheHandler=HA
SH(0x10859
b4)’, ‘/index.html’, ‘pass’, ‘labsup’, ‘user’, ‘root’) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/ApacheHandler.pm line 914
HTML::Mason::ApacheHandler::handle_request_1(‘HTML::Mason::ApacheH
andler=HAS
H(0xf369fc)’, ‘Apache=SCALAR(0xfb5678)’,
‘HTML::Mason::Request::ApacheHandler=HASH(0x10859b4)’, undef) called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/ApacheHandler.pm line 560
eval {…} called at
/usr/local/lib/perl5/site_perl/5.6.1/HTML/Mason/ApacheHandler.pm line 560
HTML::Mason::ApacheHandler::handle_request('HTML::Mason::ApacheHan
dler=HASH(