RT: Difference between revisions

From RavenWiki
Jump to navigationJump to search
(Created)
 
 
(6 intermediate revisions by 3 users not shown)
Line 1: Line 1:
Best Practical's 'RT: Request Tracker' enterprise-grade ticketing system (http://www.bestpractical.com/rt/) can be used with Raven by protecting an RT installation with the mod_ucam_webauth authentication module and configuring RT to user Apache authentication by setting the WebExternalAuth configuration parameter to a true value in the RT configuration file.
Best Practical's 'RT: Request Tracker' enterprise-grade ticketing system (http://www.bestpractical.com/rt/) can be used with Raven by protecting an RT installation with the mod_ucam_webauth authentication module and configuring RT to user Apache authentication by setting the WebExternalAuth configuration parameter to a true value in the RT configuration file.
However, this breaks any access from scripts (e.g. rt-mailgate and the rt command-line client) as they expect to see RT's own login page and not a redirect to Raven. A compromise can be achieved by setting WebFallbackToInternalAuth to true in the RT configuration file, and configuring mod_ucam_webauth with AAAlwaysDecode On and ''without'' a Require directive. This has the effect of allowing anyone who has already authenticated to Raven and who has a RT account to be granted access to RT without logging in again. Anyone accessing RT without a Raven cookie will be presented with the RT login page (which could be modified to present a link to log in via Raven).
Another option to ensure that rt-mailgate continues to work after setting up Raven authentication is this:
* In the RT_Siteconfig.pm, '''Set($WebFallbackToInternalAuth, 1);'''
* Set '''allow from your.rt.host''' in your apache config, together with '''satisfy any'''
* This has the advantage of not requiring any mod to your RT homepage.
== AutoCreated Users ==
To enable users autocreated by email with @cam.ac.uk or @hermes.cam.ac.uk addresses  to login to SelfService via Raven,  and see their tickets, this overlay for the LoadOrCreateByEmail  uses just the CRSID part for the username.
Save to User_Local.pm in your local directory
[[File:User_Local.txt]]

Latest revision as of 11:49, 18 September 2013

Best Practical's 'RT: Request Tracker' enterprise-grade ticketing system (http://www.bestpractical.com/rt/) can be used with Raven by protecting an RT installation with the mod_ucam_webauth authentication module and configuring RT to user Apache authentication by setting the WebExternalAuth configuration parameter to a true value in the RT configuration file.

However, this breaks any access from scripts (e.g. rt-mailgate and the rt command-line client) as they expect to see RT's own login page and not a redirect to Raven. A compromise can be achieved by setting WebFallbackToInternalAuth to true in the RT configuration file, and configuring mod_ucam_webauth with AAAlwaysDecode On and without a Require directive. This has the effect of allowing anyone who has already authenticated to Raven and who has a RT account to be granted access to RT without logging in again. Anyone accessing RT without a Raven cookie will be presented with the RT login page (which could be modified to present a link to log in via Raven).

Another option to ensure that rt-mailgate continues to work after setting up Raven authentication is this:

  • In the RT_Siteconfig.pm, Set($WebFallbackToInternalAuth, 1);
  • Set allow from your.rt.host in your apache config, together with satisfy any
  • This has the advantage of not requiring any mod to your RT homepage.


AutoCreated Users

To enable users autocreated by email with @cam.ac.uk or @hermes.cam.ac.uk addresses to login to SelfService via Raven, and see their tickets, this overlay for the LoadOrCreateByEmail uses just the CRSID part for the username.

Save to User_Local.pm in your local directory File:User Local.txt