LDAP auth

Hi,

I am having trouble getting the LDAP authentication to work.

Here are the relevant lines from RT_SiteConfig.pm:

If $WebExternalAuth is defined, RT will defer to the environment’s

REMOTE_USER variable.

Set($WebExternalAuth , 1);

If $WebFallbackToInternalAuth is undefined, the user is allowed a chance

of fallback to the login screen, even if REMOTE_USER failed.

Set($WebFallbackToInternalAuth , undef);

$WebExternalGecos means to match ‘gecos’ field as the user identity);

useful with mod_auth_pwcheck and IIS Integrated Windows logon.

Set($WebExternalGecos , undef);

$WebExternalAuto will create users under the same name as REMOTE_USER

upon login, if it’s missing in the Users table.

Set($WebExternalAuto , undef);

and in my apache config:

<VirtualHost *>
ServerName issue-tracker.webcentre.unimelb.edu.au
DocumentRoot /usr/local/share/rt/share/html/
Alias /NoAuth/images/ /usr/local/share/rt/share/html/NoAuth/images/
FastCgiIpcDir /tmp
FastCgiServer /usr/local/share/rt/bin/mason_handler.fcgi
-idle-timeout 120
AddHandler fastcgi-script fcgi
ScriptAlias / /usr/local/share/rt/bin/mason_handler.fcgi/

LDAP integration

<Directory /usr/local/share/rt/share/html/>
AuthType Basic
AuthName "Request Tracker Login"
AuthLDAPURL ldap://directory.unimelb.edu.au:389/o=The
University of Melbourne,c=AU?uid?sub?(objectclass=unimelbStaff)
require valid-user

After i login i see the following screen:

http://www.webcentre.unimelb.edu.au/~iain/rt/ldap.pdf

any ideas???

thanks, Iain.

Here are the relevant lines from RT_SiteConfig.pm:

Those settings look okay. did you stop and start apache after changing
RT_SiteConfig?

does the user exist? This just replaces RT’s authorization bit, you
still need to create the user. (unless you’re using the auto create)

seph

seph wrote:

Here are the relevant lines from RT_SiteConfig.pm:

Those settings look okay. did you stop and start apache after changing
RT_SiteConfig?

yep.

does the user exist? This just replaces RT’s authorization bit, you
still need to create the user. (unless you’re using the auto create)

yep.

did you see the screen shot? pretty weird.

Replying to myself…

Could it be that Fast CGI can’t access the variable REMOTE_USER? How
would i check this?

cheers, Iain.

Iain Pople wrote:

hi
sorry for my ignorance, but as I’m like fellow list-members in planning the move
from 3.0.9 to 3.2.1 here I’m once again in testing how long a whole insert of
our rt-database into a new database takes (yes, I have to do it the “right” way
for replication to work and other stuff). and the result is mysqldump is pretty
fast :slight_smile: - but the inserting is something I should plan for at least a weekend
(and always thought we had fast boxes g).

just for the goof I also tested this export+import thing using myisam tables and
(surprise surprise) that got it a lot faster :wink:

now - I don’t see relationships between the tables (references) and I deeply
believe rt v2 was running on myisam tables - now I really tried to find a
reference on “why innodb” or at least some transactional code in the sources,
but couldn’t find any (but hey, that’s me - not a specialst).

so my dumb question here: are innodb-tables necessary? (and why?)

thank you in advance
Harald Kapper, icq# 36178328 kapper.net, inc.
managing director, owner, loeblichgasse 6
chief executive officer 1090 vienna, .at
tel +43 1 3195500-0, fax +43 1 3195502, hk@kapper.net
--------------quote.of.the.day--------------
All programmers are optimists
– Frederick P. Brooks, Jr.

and here is the answer:

http://marc.free.net.ph/message/20030925.115423.829cb74d.html

Iain Pople wrote:

hi
still planning migration :wink:
(but already had some successfull runs from 309 to 321 and yet kept the
TemplateList from RT v2 :-o)

now to the performance-question - I tried to find out, but basically couldn’t
get a hold on whether fastcgi or mod_perl would bring a bigger speed up on
RTv321.

any suggestions here?

thx
hk