dear all,
I am new in settting RT authentication with LDAP against ADC. i installed RT
3.0.8 and configured with Apache and given in the bestpractical. now i like
to authenticate ldap users (valid user only).
i successfully opens a webpage to login with the user. when i sign in the
logs somehow returns following msg;
*[error]: FAILED LOGIN for user1 from 10.0.0.1
(/opt/rt3/bin/../lib/RT/Interface/Web.pm:424)*
I know its a common err, and it ought to be solved but i can't find a
solution so far, could you guys help me figuring out the problems.
Following are my conf;
*RT_SiteConfig.pm*
-
* Usign WebExternAuth (Apache Authentication)
##
# tells RT to use the REMOTE_USER provided by the web server
Set($WebExternalAuth , 1);
# tells RT to display its normal login screen if REMOTE_USER fails
Set($WebFallbackToInternalAuth , 1);
# tells RT to create users automatically if no user matching REMOTE_USER is
found
Set($WebExternalAuto , 1);
Usign RT::Authen::ExternalAuth ##
Set($rtname, 'cmtest01.fleetboard.dmz');
Set($Organization, 'cmtest01.fleetboard.dmz');
Set($CorrespondAddress , 'rt_u...@cmtest01.fleetboard.dmz');
Set($CommentAddress , 'rt_u...@cmtest01.fleetboard.dmz');
Set($OwnerEmail , 'root');
Set($MaxAttachmentSize , 1000);
Set($WebBaseURL, http://cmtest01.fleetboard.dmz/rt;);
Set($WebImagesURL , $WebPath . /NoAuth/images/);
Set($LogoURL, $WebImagesURL . bplogo.gif);
Set($LogoLinkURL, 'http://cmtest01.fleetboard.dmz');
Set($LogoImageURL, $WebImagesURL . bplogo.gif);
Set($LogoAltText, Daimler Fleetboard GmbH);
Set($RTAddressRegexp ,
'^[A-Za-z0-9][A-Za-z0-9_\.\-]{0,}@([A-Za-z0-9_\-]{1,}[\.]{1,1})+([A-Za-z]{2,5})$'
);
# THE DATABASE:
Set($DatabaseType, 'mysql'); Set($DatabaseUser , 'rt_user');
Set($DatabasePassword , ''); Set($DatabaseName , 'rt3');
# THE WEBSERVER:
Set($WebPath , );
#Set($WebPath , /);
Set( @Plugins, qw(RT::Authen::ExternalAuth) );
#Set(@Plugins,(qw(Extension::QuickDelete RT::FM)));
1;
*
*
**Apach**e vhost.conf:
--
*
*VirtualHost *:80
ServerName cmtest01.fleetboard.dmz
#SSLEngine ON
#SSLCertificateFile /root/certs/tickets.fleetboard.net.cert
#SSLCertificateKeyFile /root/certs/fbweb01.key
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#DocumentRoot /srv/www/vhosts/cmtest01.fleetboard.net/rt/
AddHandler fastcgi-script fcgi
Alias /rt /opt/rt3/share/html
Location /
Allow from all
Satisfy any
allow from localhost
AuthUserFile /dev/null
AuthName Hello LDAP
AuthBasicAuthoritative Off
AuthType Basic
*
*AuthBasicAuthoritative Off
AuthType Basic
AuthLDAPURL
ldap://ladapserverip:port/OU=ldapou,DC=intranet,DC=fb,DC=com?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN CN=LDAPs
Subversion,OU=P-R,OU=P,OU=ldapou,DC=intranet,DC=fb,DC=com
AuthLDAPBindPassword ldappassword
require valid-user
/Location
*
*AddDefaultCharset UTF-8
PerlRequire /opt/rt3/bin/webmux.pl
Directory /srv/www/vhosts/cmtest01.fleetboard.net/rt/
Order allow,deny
Allow from all
DirectoryIndex index.html index.php
/Directory
Directory /opt/rt3/share/html/
Order allow,deny
Allow from all
Options Indexes FollowSymLinks
DirectoryIndex index.html index.php
SetHandler perl-script
PerlResponseHandler RT::Mason
/Directory
*
*/VirtualHost*
Looking forward
regards
haris
Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
Buy a copy at http://rtbook.bestpractical.com