RT: Difference between revisions
(Created) |
(Caveats with the suggested config, and a possible workaround) |
||
| Line 1: | Line 1: | ||
Best Practical's 'RT: Request Tracker' enterprise-grade ticketing system (http://www.bestpractical.com/rt/) can be used with Raven by protecting an RT installation with the mod_ucam_webauth authentication module and configuring RT to user Apache authentication by setting the WebExternalAuth configuration parameter to a true value in the RT configuration file. | Best Practical's 'RT: Request Tracker' enterprise-grade ticketing system (http://www.bestpractical.com/rt/) can be used with Raven by protecting an RT installation with the mod_ucam_webauth authentication module and configuring RT to user Apache authentication by setting the WebExternalAuth configuration parameter to a true value in the RT configuration file. | ||
However, this breaks any access from scripts (e.g. rt-mailgate and the rt command-line client) as they expect to see RT's own login page and not a redirect to Raven. A compromise can be achieved by setting WebFallbackToInternalAuth to true in the RT configuration file, and configuring mod_ucam_webauth with AAAlwaysDecode On and ''without'' a Require directive. This has the effect of allowing anyone who has already authenticated to Raven and who has a RT account to be granted access to RT without logging in again. Anyone accessing RT without a Raven cookie will be presented with the RT login page (which could be modified to present a link to log in via Raven). | |||
Revision as of 23:04, 23 January 2006
Best Practical's 'RT: Request Tracker' enterprise-grade ticketing system (http://www.bestpractical.com/rt/) can be used with Raven by protecting an RT installation with the mod_ucam_webauth authentication module and configuring RT to user Apache authentication by setting the WebExternalAuth configuration parameter to a true value in the RT configuration file.
However, this breaks any access from scripts (e.g. rt-mailgate and the rt command-line client) as they expect to see RT's own login page and not a redirect to Raven. A compromise can be achieved by setting WebFallbackToInternalAuth to true in the RT configuration file, and configuring mod_ucam_webauth with AAAlwaysDecode On and without a Require directive. This has the effect of allowing anyone who has already authenticated to Raven and who has a RT account to be granted access to RT without logging in again. Anyone accessing RT without a Raven cookie will be presented with the RT login page (which could be modified to present a link to log in via Raven).
