RT and http external authentication


#1

RT Version: 1.0.2
System: Sun Ultra 2 running 5.6 with Recommended and Y2K patches installed.
Perl: perl5.00502
Browser: 4.61
Local mods: None

NEW INSTALLATION QUESTIONS:

Problem 1: We are using http authentication instead of cookies because
our user base is about 200 people in the group. We did not
want to have to re-enter (or have the users re-enter) data
that is already stored in our http authentication file.

    That said... A user that doesn't have a specific RT account
    in the RT database but is authenticated via the external 
    method cannot see the open tickets in the database.  Also
    when that user clicks "Logout" it never actually logs the 
    user out.  It is probably a mistake on my part in the installation
    but I am not sure what I mucked up.

    We would like any user that gets authenticated to be able to
    view all open tickets without having a specific RT account.

Problem 2: I have probably screwed up allowing users on other
machines than the server that the RT app is running on
to use the command line interface to create tickets.
We get the following error when we try to run the rt commands
from a machine other than our server (server=ambia while the
user is sitting at a machine named carib).

    ERROR:
    carib 171 /u/rt/bin > ./rt
    Mysql->connect failed: Host 'carib' is not allowed to connect to this MySQL server at /u/rt/lib/rt/database.pm line 24
    [connectdb] Database connect failed: Host 'carib' is not allowed to connect to this MySQL server

Sorry if these issues are documented elsewhere and I have added mail to
the scads you all probably receive. Please point me to the correct doc
if this is indeed the case.

Thanks for your time.
Chris

  • Chris Blackmor _______ | A fine is a tax for doing *
  • Advanced Micro Devices ____ | | wrong *
  • Phone: (512) 602-1608 /| | | | A tax is a fine for doing *
  • Fax: (512) 602-5155 | |___| | | well *
  • Email: chris.blackmor@amd.com |____/ | | Author Unknown*
  •                 My comments are mine, and mine alone.                 *

#2

NEW INSTALLATION QUESTIONS:

Problem 1: We are using http authentication instead of cookies because
our user base is about 200 people in the group. We did not
want to have to re-enter (or have the users re-enter) data
that is already stored in our http authentication file.

  That said... A user that doesn't have a specific RT account
  in the RT database but is authenticated via the external 
  method cannot see the open tickets in the database.  Also
  when that user clicks "Logout" it never actually logs the 
  user out.  It is probably a mistake on my part in the installation
  but I am not sure what I mucked up.

  We would like any user that gets authenticated to be able to
  view all open tickets without having a specific RT account.

Hrm. RT doesn’t generally have this functionality. maybe a guest account would
work?

Problem 2: I have probably screwed up allowing users on other
machines than the server that the RT app is running on
to use the command line interface to create tickets.
We get the following error when we try to run the rt commands
from a machine other than our server (server=ambia while the
user is sitting at a machine named carib).

  ERROR:
  carib 171 /u/rt/bin > ./rt
  Mysql->connect failed: Host 'carib' is not allowed to connect to this MySQL server at /u/rt/lib/rt/database.pm line 24
  [connectdb] Database connect failed: Host 'carib' is not allowed to connect to this MySQL server

Well, you’ll need to read up on how to grant another host mysql access at www.mysql.com. Also, you’ll need to make sure that your RT installation is nfs mounted
and accessable on all the hosts you want this to work on.

Sorry if these issues are documented elsewhere and I have added mail to
the scads you all probably receive. Please point me to the correct doc
if this is indeed the case.

Thanks for your time.
Chris

  • Chris Blackmor _______ | A fine is a tax for doing *
  • Advanced Micro Devices ____ | | wrong *
  • Phone: (512) 602-1608 /| | | | A tax is a fine for doing *
  • Fax: (512) 602-5155 | |___| | | well *
  • Email: chris.blackmor@amd.com |____/ | | Author Unknown*

  •                 My comments are mine, and mine alone.                 *
    


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

jesse reed vincent – jrvincent@wesleyan.edujesse@fsck.com
pgp keyprint: 50 41 9C 03 D0 BC BC C8 2C B9 77 26 6F E1 EB 91
Transporters are so ungodly. if god had wanted us to travel great distances
instantaneously, he would have given us an internal
materialisation/dematerialisation control.
– Shoshe Cole


#3

Problem 1: We are using http authentication instead of cookies because
our user base is about 200 people in the group. We did not
want to have to re-enter (or have the users re-enter) data
that is already stored in our http authentication file.

I'm also using external authentication and the only way I was able

to get full RT support was to import the usernames into RT. Thankfully,
using the CLI I was able to automate this. The RT password field is then
meaningless, but you still can use RT to limit who can view what in the
queue. Although, that maybe more work than you need to get the
functionality…

– Daniel R. danielr@ccs.neu.edu [http://www.ccs.neu.edu/home/danielr/]