Hi dwdixon, I wish I could show you a concrete working example. I had this working some time ago but abandoned it in favor of straight LDAP when we changed intranets.
I believe you have it not quite correct when you speak of trying to get the cookie from the browser to RT. Actually, it is the server side cookie you need be concerned about. The RT::Authen::ExternalAuth::DBI::Cookie provides a configuration for you to reach into the database of another system to match existing cookies against users. Imagine you have, say, a WordPress intranet that is configured to store a cookie each time a user logs in. As you probably know, that cookie is kept for the duration of the session and obviates the need for the user to login on each subsequent page visit. If you can configure said intranet (beyond the scope of the RT documentation unfortunately) to store those cookies into tables in, say, a MySQL database, RT::Authen::ExternalAuth::DBI::Cookie can use the same database to lookup those cookies and match them to a user in RT, thereby allowing the user to login to RT without a password as well. You don't need to write the cookies to RT's database, it will reach into the other database and look at them. I know I'm not getting you much further down the path but hopefully just a bit helpful. -John On Wed, Feb 10, 2016 at 2:36 PM, dwdixon <dwdi...@umich.edu> wrote: > > > > *CAVEAT* I've never used this module. > > > There is a link at the bottom of the > > https://metacpan.org/pod/RT::Authen::ExternalAuth::DBI::Cookie docs. > > I've pasted it below for convenience: > > > https://metacpan.org/pod/RT::Authen::ExternalAuth::DBI > > Thanks for the quick response- I did see that link and took a look, but I > was not certain I had to configure all of those details outlined at this > link you mentioned: https://metacpan.org/pod/RT::Authen::ExternalAuth::DBI > since I'm only going to be using the "My_SSO_Cookie" ExternalAuth and not > really directly using the "My_MySQL" external auth other than as a result > of > "My_SSO_Cookie" depending on it in at least some capacity it seems. Hope > that makes sense...I'm just trying to minimize my config to only use the > least possible to make "My_SSO_Cookie" work. > > > From looking at the configs, I believe something other than RT is > > giving the browser a cookie and placing that cookie value into a > > database. > > > RT::Authen::ExternalAuth::DBI::Cookie is just the glue between RT and > > that authenticating service. > > Yes, I did understand that much, but as far as I'm aware unless something > (Maybe "My_MySQL"??) writes these to a (RT's?) database I don't see how I > would be populating the c_table, c_field, c_match_key otherwise? My > external auth service is a SSO solution that sets a cookie in my browser > and > I can view that cookie using Chromes Cookie Inspector extension but there > is > no "database-like" structure to a/the cookie so I'm a bit confused by the > parameters sounding like they should be from a database? > > Basically, I'm trying to discover the simplest way possible how do I get > the > cookie from the browser passed on to RT where RT says > > "I've checked the SSO cookie for User1 and User1 is already authenticated" > "I've now checked the RT database and User1 exists in the RT database" > "Now that I Know User1 exists I'm presenting his specific User1 RT session > and dashboard etc. etc." > "User1 is now fully automatically logged into RT based on his SSO > authentication service cookie" > > Any clarity surrounding how this is done or if anyone does this currently > and could shed some light on how to do this such as a working example > config > or just with more detail than the docs provide would be extremely helpful > and I would be even more grateful! > > Thanks again- > > > > -- > View this message in context: > http://requesttracker.8502.n7.nabble.com/Cookie-based-auth-works-but-takes-me-to-login-page-tp56394p61340.html > Sent from the Request Tracker - User mailing list archive at Nabble.com. > > --------- > RT 4.4 and RTIR Training Sessions ( > http://bestpractical.com/services/training.html) > * Hamburg Germany March 14 & 15, 2016 >
--------- RT 4.4 and RTIR Training Sessions (http://bestpractical.com/services/training.html) * Hamburg Germany March 14 & 15, 2016