LDAP Overlay and automated logins

Is it possible to pass the username and password to RT in the link?

we are running RT3.6.3 with the LDAP overlay. I realize the user would
not be terribly secure but i am looking for an easy way to direct many
people into a single login without too many steps.

–Ryan

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1On Monday, 29.01.2007 at 16:40 -0800, Ryan Hardester wrote:

Is it possible to pass the username and password to RT in the link?

we are running RT3.6.3 with the LDAP overlay. I realize the user would
not be terribly secure but i am looking for an easy way to direct many
people into a single login without too many steps.

Do you mean so that the users don’t have to explicitly login? And do
you mean by “direct many people into a single login”, that you plan to
have many users sharing a single RT account?

This sounds like a very unusual setup: can you explain why you want to
do this?

Dave.


Dave Ewart
davee@ceu.ox.ac.uk
Computing Manager, Cancer Epidemiology Unit
Cancer Research UK / Oxford University
PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370
Get key from http://www.ceu.ox.ac.uk/~davee/davee-ceu-ox-ac-uk.asc
N 51.7518, W 1.2016
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFvwgXbpQs/WlN43ARAmUyAKDtze8UuWthxiQ+V6/Ljgload69/QCg53Ml
wuIt2LtoZo1jVHYq3GSGH+c=
=ZpDp
-----END PGP SIGNATURE-----

I have previously used auto-login, but not in combination with LDAP, it
has been through the use of browser certificates - perhaps worth
considering if LDAP is not absolutely key to your setup. Sorry to not be
of more help.

Kind Regards,

Mike Peachey, IT
Tel: +44 (0) 114 281 2655
Fax: +44 (0) 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
http://www.jennic.com
Confidential

Dave Ewart wrote:> On Monday, 29.01.2007 at 16:40 -0800, Ryan Hardester wrote:

Is it possible to pass the username and password to RT in the link?

we are running RT3.6.3 with the LDAP overlay. I realize the user would
not be terribly secure but i am looking for an easy way to direct many
people into a single login without too many steps.

Do you mean so that the users don’t have to explicitly login? And do
you mean by “direct many people into a single login”, that you plan to
have many users sharing a single RT account?

This sounds like a very unusual setup: can you explain why you want to
do this?

Dave.
The rt-users Archives

Community help: http://wiki.bestpractical.com
Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com

I have started digging myself into a hole, and my solution is to use RT to fill the hole :slight_smile:

I redirected our webmaster email address into RT. Problem there is there are 2 issues that are generally sent into this address website issues, and customer service issues for our finance dept. They already have an e-mail address for “customer service” requests. The people who check that mailbox are less than technologically savvy. I’d like to have the customer service address dump into RT, and create a local user for them to log in as one user since more than one person can access/respond to issues. Then when an issue for them comes in to the Webmaster queue for them we just assign it to them and they can deal with it within RT. As it is we are having to get the message out of RT into that mailbox which isn’t as easy as just assigning it. Security on this queue isn’t a big deal to us, and I think the tracking of the issues would be a plus to them.

So what I am looking to happen is have a URL I can make a favorite (and ultimately drag into their outlook bar so they can launch it within outlook) that will just open them up into the self service interface for that user without a password prompt. This user won’t be working with LDAP as it will be local, but I don’t know if the ldap overlay changes the potential for making that happen. We’ll still want all the other users to use username/password.

–RyanFrom: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Dave Ewart
Sent: Tuesday, January 30, 2007 12:56 AM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] Re: LDAP Overlay and automated logins

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You could probably create a copy of the login form but make the login
and password fields hidden fiends and populate them with the data. You
can then point that user at that address and it’d drop them into RT all
logged in.

I ask though, why would you want to do this? Even our least savvy
computer users still have to use passwords. It’s a matter of security.
People can learn to type in a password.

Ryan Hardester wrote:

The way it works now there is a separate exchange mailbox that they have added into their exchange. There is no separate login to access this information. If I want to replace it I have been told that I have to keep the level of complexity the same for the users involved. The Self Service interface with a single login for them would accomplish this. The only problem is that this creates a new password for them to have to remember, or just put on their monitor, which would defeat the security of the user as much as having an autologin.

–RyanFrom: rt-users-bounces@lists.bestpractical.com [mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of John Arends
Sent: Wednesday, January 31, 2007 9:34 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] Re: LDAP Overlay and automated logins

You could probably create a copy of the login form but make the login and password fields hidden fiends and populate them with the data. You can then point that user at that address and it’d drop them into RT all logged in.

I ask though, why would you want to do this? Even our least savvy computer users still have to use passwords. It’s a matter of security.
People can learn to type in a password.

Ryan Hardester wrote:

I have started digging myself into a hole, and my solution is to use RT to fill the hole :slight_smile:

I redirected our webmaster email address into RT. Problem there is there are 2 issues that are generally sent into this address website issues, and customer service issues for our finance dept. They already have an e-mail address for “customer service” requests. The people who check that mailbox are less than technologically savvy. I’d like to have the customer service address dump into RT, and create a local user for them to log in as one user since more than one person can access/respond to issues. Then when an issue for them comes in to the Webmaster queue for them we just assign it to them and they can deal with it within RT. As it is we are having to get the message out of RT into that mailbox which isn’t as easy as just assigning it. Security on this queue isn’t a big deal to us, and I think the tracking of the issues would be a plus to them.

So what I am looking to happen is have a URL I can make a favorite (and ultimately drag into their outlook bar so they can launch it within outlook) that will just open them up into the self service interface for that user without a password prompt. This user won’t be working with LDAP as it will be local, but I don’t know if the ldap overlay changes the potential for making that happen. We’ll still want all the other users to use username/password.

–Ryan

-----Original Message-----
From: rt-users-bounces@lists.bestpractical.com
[mailto:rt-users-bounces@lists.bestpractical.com] On Behalf Of Dave
Ewart
Sent: Tuesday, January 30, 2007 12:56 AM
To: rt-users@lists.bestpractical.com
Subject: [rt-users] Re: LDAP Overlay and automated logins

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is it possible to pass the username and password to RT in the link?

we are running RT3.6.3 with the LDAP overlay. I realize the user
would not be terribly secure but i am looking for an easy way to
direct many people into a single login without too many steps.

Do you mean so that the users don’t have to explicitly login? And do you mean by “direct many people into a single login”, that you plan to have many users sharing a single RT account?

This sounds like a very unusual setup: can you explain why you want to do this?

Dave.


Dave Ewart
davee@ceu.ox.ac.uk
Computing Manager, Cancer Epidemiology Unit Cancer Research UK /
Oxford University
PGP: CC70 1883 BD92 E665 B840 118B 6E94 2CFD 694D E370 Get key from
http://www.ceu.ox.ac.uk/~davee/davee-ceu-ox-ac-uk.asc
N 51.7518, W 1.2016
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFvwgXbpQs/WlN43ARAmUyAKDtze8UuWthxiQ+V6/Ljgload69/QCg53Ml
wuIt2LtoZo1jVHYq3GSGH+c=
=ZpDp
-----END PGP SIGNATURE-----


The rt-users Archives

Community help: http://wiki.bestpractical.com Commercial support:
sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com


The rt-users Archives

Community help: http://wiki.bestpractical.com Commercial support:
sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com
The rt-users Archives

Community help: http://wiki.bestpractical.com Commercial support: sales@bestpractical.com

Discover RT’s hidden secrets with RT Essentials from O’Reilly Media.
Buy a copy at http://rtbook.bestpractical.com