System authentication

Rob_Walker · February 9, 2002, 5:41am

We use the Internet as our infrastructure, so I am running our rt install
behind https. I can use system authentication in apache to look at our local
passwords, but then we get hit with rt’s authentication again. Is there any
code out there to tell rt to believe the username that apache hands to it?

I didn’t see this in the documentation or in the contrib directory at
fsck.com, but that doesn’t mean that someone out there isn’t doing it.

rob

Rob_Walker · February 9, 2002, 6:01am

We use the Internet as our infrastructure, so I am running our rt install
behind https. I can use system authentication in apache to look at our
local
passwords, but then we get hit with rt’s authentication again. Is there any
code out there to tell rt to believe the username that apache hands to it?

I forgot to mention one of my reasons for doing this. I already have to do a
web form for the non-technical users to change their passwords, and it would
be great if that would propogate to this system, too.

rob

bill · February 9, 2002, 6:33am

It’s a built-in feature (of both RT1 and RT2)… for RT2, see the
config.pm file:

If $WebExternalAuth is defined, RT will defer to the environment’s

REMOTE_USER variable.On Fri, 8 Feb 2002, Rob Walker wrote:

We use the Internet as our infrastructure, so I am running our rt install
behind https. I can use system authentication in apache to look at our local
passwords, but then we get hit with rt’s authentication again. Is there any
code out there to tell rt to believe the username that apache hands to it?

Rob_Walker · February 9, 2002, 6:41am

It’s a built-in feature (of both RT1 and RT2)… for RT2, see the
config.pm file:

If $WebExternalAuth is defined, RT will defer to the environment’s

REMOTE_USER variable.

Thank you. I remember reading this before. However, it was much too late at
night.

Does anyone have hooked on phonics I can borrow?

rob

Rob_Walker · February 9, 2002, 6:54am

It’s a built-in feature (of both RT1 and RT2)… for RT2, see the
config.pm file:

If $WebExternalAuth is defined, RT will defer to the environment’s

REMOTE_USER variable.

That is so cool the way it works, smooth like butter. Now, do I need to go
and update my REMOTE_USER user to have SuperUser rights in rt, so that he can
configure the stuff? I mean, is there a way to ‘su’ within rt?

rob

Bruce_Campbell · February 9, 2002, 7:46am

It’s a built-in feature (of both RT1 and RT2)… for RT2, see the
config.pm file:

If $WebExternalAuth is defined, RT will defer to the environment’s

REMOTE_USER variable.

That is so cool the way it works, smooth like butter. Now, do I need to go
and update my REMOTE_USER user to have SuperUser rights in rt, so that he can
configure the stuff? I mean, is there a way to ‘su’ within rt?

Not without already having the right to modify rights and being a
superuser initially. You will need to grant your user superuser
rights either by logging in as root, or setting it through the command
line.

                         Bruce Campbell                            RIPE
               Systems/Network Engineer                             NCC
             www.ripe.net - PGP562C8B1B                      Operations