On 02/12/2013 08:00 PM, Thomas Klump wrote:
I’m working on implementing RT with OpenID. I started with a basic
installation of RT and I created some test tickets from within the webui
and via email. Everything worked great. I then started to implement
OpenID for authentication. I tried using the RT OpenID plugin but I was
never able to get that to work and there was very little documentation
out there about it. I then decided to install WebExternalAuth use the
Apache OpenID module for authentication. I was able to get this to work
and now the web interface works great. Unfortunately, now the
rt-mailgate is no longer working. When I email the queue the following
error is logged in the maillog:
Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action
correspond --url http://rt.example.com/",
ctladdr=<customerserv...@rt.example.com
<mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08,
xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog
mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL
I then tried testing it from command line with the following results:
# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate
--queue 'Customer Service' --action correspond --url
http://rt.example.com --debug
/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
/usr/local/rt/bin/rt-mailgate: connecting to
http://rt.example.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=================
302 Found
/usr/local/rt/bin/rt-mailgate: undefined server error
I then switched back to normal authentication methods in my apache
virtualhost config and then rt-mailgate would process emails
successfully. Here is my apache vituralhost configuration that seems to
be the problem:
<VirtualHost *:80>
# Optional apache logs for RT
# ErrorLog /usr/local/rt/var/log/apache2.error
# TransferLog /usr/local/rt/var/log/apache2.access
# LogLevel debug
AddDefaultCharset UTF-8
DocumentRoot "/usr/local/rt/share/html"
<Location />
# If I comment out the section below and uncomment the two lines below
that everything works
AuthType OpenID
require valid-user
AuthOpenIDTrusted ^http://www.example.com/$
AuthOpenIDUseCookie On
AuthOpenIDSingleIdP http://www.example.com
AuthOpenIDTrustRoot http://rt.example.com
AuthOpenIDCookieName rt_auth_cookie
AuthOpenIDSecureCookie Off
# Order allow,deny
# Allow from all
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /usr/local/rt/sbin/rt-server
</Location>
<Perl>
use Plack::Handler::Apache2;
Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");
</Perl>
</VirtualHost>
Thanks for any help on this issue.
Thomas Klump
I don't use RT in this way, but it sounds like you need to open up an
area of RT for no authentication. Take a look at the page below. Note
that it says it's out of date, so I may be way off here, but check out
the part where it opens up /NoAuth. You may have to play around with
the location, as it looks like you're going through the REST API.
--
RT training in Amsterdam, March 20-21:
http://bestpractical.com/services/training.html
Help improve RT by taking our user survey:
https://www.surveymonkey.com/s/N23JW9T