LdapOverlay: Difference between revisions
m (2 revisions imported) |
(No difference)
|
Latest revision as of 15:14, 6 April 2016
NOTE: Please see LdapSummary for an overview of the latest available implementations
This overlay code allows authentication from ldap without basic auth
See instructions in the source (top comments) on how to install this overlay code as .../lib/RT/User_Local.pm (and CleanlyCustomizeRT for more details on these overlays).
You'll find some discussion, hints and code on this message http://marc.free.net.ph/message/20040303.190901.a2d55cc6.html (2004-03-03)
You'll find an updated version with TLS support and authentication for only members of certain groups here: http://www.justatheory.com/computers/programming/perl/rt/User_Local.pm.ldap (2004-11-30)
If you set the DEBUG constant in this file, it will log plaintext passwords into your RT logs. You have been warned.
Discussion for this latest version may be found here: http://www.justatheory.com/computers/programming/perl/rt/ldap_auth.html
Basically, this is usefull for the following example situation :
- users submit requests by email and are then autocreated in the system as unpriviledged (default configuration). Now, they can use their email as login in RT. But they need to provide a password that will be authenticated with the LDAP server.
- you define which LDAP attribute will be used to match the login, for instance "uid" where you store the emails in your LDAP tree
- the password is authenticated if a LDAP bind is successfull and gives access to their bug reports
- the users can then track on the intranet (for instance) the state of all their requests to support/help-desk
- you want only members of a certain group to be able to login and use RT (optional)
- you want TLS (encrypted) communications with the LDAP server (optional)
-- When using this, users logging in see only a very abbreviated SelfServices screen here... Is that normal? They only see "OpenTickets", "Closed Tickets", "New Tickets", and "Preferences". They cannot see the Queues list even though group Everyone has this right. Am I missing something in my setup?
-- Fix the links again...
-- Alt version available here: www.justatheory.com/computers/programming/perl/rt/ldap_auth.html
This link is dead too: Ldap Overlay http://marc.free.net.ph/attach/3@20040303.190901.a2d55cc6.attach (Previous post http://thefeed.no/marcus/rt/User_Local.ldap.pm.txt) (original post http://lists.fsck.com/pipermail/rt-users/2003-March/012550.html)