RT::Authen::ExternalAuth processing question

Scenario:
public_LDAP - university LDAP server
dept_LDAP - departmental LDAP server

I have RT::Authen::ExternalAuth configured to use dept_LDAP for
authentication and public_LDAP for additional information via:
Set($ExternalAuthPriority, [ ‘dept_LDAP’ ] );
Set($ExternalInfoPriority, [ ‘public_LDAP’ ] );

The problem/curiosity is that when authentication fails using
dept_LDAP, RT::Authen::ExternalAuth still tries to retrieve additional
information using public_LDAP. When authentication fails, I don’t
want/need additional information. This seems unnecessary.

Am I missing something? Do I have RT::Authen::ExternalAuth
incorrectly configured?

Thanks, in advance, for your help,

Mike

boxyzzy@gmail.com wrote:

Scenario:
public_LDAP - university LDAP server
dept_LDAP - departmental LDAP server

I have RT::Authen::ExternalAuth configured to use dept_LDAP for
authentication and public_LDAP for additional information via:
Set($ExternalAuthPriority, [ ‘dept_LDAP’ ] );
Set($ExternalInfoPriority, [ ‘public_LDAP’ ] );

The problem/curiosity is that when authentication fails using
dept_LDAP, RT::Authen::ExternalAuth still tries to retrieve additional
information using public_LDAP. When authentication fails, I don’t
want/need additional information. This seems unnecessary.

Am I missing something? Do I have RT::Authen::ExternalAuth
incorrectly configured?

It would depend on your setup as to whether it’s truly necessary or not,
but it does it so that certain information definitely gets updated. For
example, IIRC whether the user is disabled or not is an Info thing not
an Auth thing, so updating the Info is worth doing.

It’s not perfect and it’s been a long time since I’ve touched it… but
if you want to change it, you know where the source is :slight_smile:

Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com