RT::Authen::ExternalAuth v0.08 Released

Mike_Peachey · January 24, 2009, 3:27pm

I am delighted to announce the release RT::Authen::ExternalAuth v0.08.

ExternalAuth now provides you with a simple method for authenticating
your users and updating user information from external data sources such
as LDAP and MySQL as well as providing the capability to use single
sign-on cookie authentication with another web application such as your
own custom website.

All developer releases are now deprecated and unsupported; all users of
ExternalAuth with RT-3.8 should use ExternalAuth v0.08 only.

Users of RT-3.6 should consider upgrading to RT-3.8. For those who
can’t, ExternalAuth v0.08 might work but v0.05 is the recommended
version and is still available on CPAN.

How to get it:

Use the tarball attached to this e-mail
Install via CPAN (cpan -i RT::Authen::ExternalAuth)
Download the tarball from CPAN:
http://www.cpan.org/authors/id/Z/ZO/ZORDRAK/RT-Authen-ExternalAuth-0.08.tar.gz
Check-out from the subversion repository using the 0.08 version tag:
http://code.bestpractical.com/bps-public/RT-Authen-ExternalAuth/tags/0.08

More information is available on the wiki:
http://wiki.bestpractical.com/view/ExternalAuth

Thank you to all those who helped test ExternalAuth to destruction and
those who provided inspiration for feature development. Special thanks
go to Kevin Falcone for his help in development.
Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com

RT-Authen-ExternalAuth-0.08.tar.gz (38.5 KB)

Mike_Peachey · January 26, 2009, 9:25am

Nehmer Torben wrote:

Hello Mike,

first, let me thank you for the impressive work you are doing here with this plugin.

I have one question though:

On the list there were repeated reports of problems with users created from LDAP on one side and from the mail gateway on the other.

In our environment, both LDAP-created users and Mail Gateway Auto-created users naturally have the same E-Mail address, as we are using RT as an helpdesk system.

Now let’s say, john@doe.org first submits a ticket via E-Mail. RT now creates both username and email set to this E-Mail address.

If our John Doe later on tries to log on using LDAP (f.x. by clicking one of the ticket links) using his domain account (e.g. “john”), ExternalAuth does correctly authenticate him (according to the logs) but fails to create the user:

ExternalAuth at this point tries to create a user “john” with the E-Mail address “john@doe.org”, which RT refuses due to the duplicate E-Mail in the user base.

I haven’t found anything in the Changelog for 0.08 which indicates that this problem is fixed. However, it is a major problem at our site, as it makes the automatic LDAP user management mostly ineffective for us.

Is there any way to solve this problem?

This is currently a high-priority issue to be addressed for v0.09. Up to
now ExternalAuth has only been concerned with managed environments in
which users would be expected to log in once via the web-interface
before use.

I will post to the list when I can advise further about the solution and
expected release.
Kind Regards,

Mike Peachey, IT
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England