Re: [rt-users] Mapping users of a particular user database under OpenAM(SSO) to a specific queue
Hi, A quick google suggests that you may be looking for OpenAM web policy agents "Profile Attribute Fetch Mode" Good luck.. Best Regards Martin On 2016-11-09 16:04, Martin Wheldon wrote: Hi Maneesh, I'm not familiar with OpenAM, but you should be able to get this to do the authentication by either SSO cookie or getting the web server to populate the REMOTE_USER variable. The following may help... https://docs.bestpractical.com/rt/4.4.1/RT/Authen/ExternalAuth/DBI/Cookie.html https://docs.bestpractical.com/rt/4.4.1/RT/Authen/ExternalAuth.html#CONFIGURATION https://docs.bestpractical.com/rt/4.4.1/authentication.html#Via-your-web-server-aka-WebRemoteUserAuth-aka-REMOTE_USER However you will need to create groups and configure group access/permissions to the relevant queue(s) within RT. Best Regards Martin On 2016-11-09 12:58, Maneesh Kumar wrote: Hello members, We also have a requirement of mapping users of a particular user database under OpenAM(SSO) to a specific queue. This is required to enable users to have access to a specific queue rather than all queues. The access need to be enabled for creation of tickets and thereafter for listing his/her open and closed tickets. Please let me know if this is possible and steps to meet this requirement. Maneesh Kumar National PARAM Supercomputing Facility HPC Infrastructure and Ecosystem Group Centre for Development of Advanced Computing --- [ C-DAC is on Social-Media too. Kindly follow us at: Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ] This e-mail is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email is strictly prohibited and appropriate legal action will be taken. --- - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Los Angeles - January 9-11 2017 - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Los Angeles - January 9-11 2017 - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Los Angeles - January 9-11 2017
Re: [rt-users] Mapping users of a particular user database under OpenAM(SSO) to a specific queue
Hi Maneesh, I'm not familiar with OpenAM, but you should be able to get this to do the authentication by either SSO cookie or getting the web server to populate the REMOTE_USER variable. The following may help... https://docs.bestpractical.com/rt/4.4.1/RT/Authen/ExternalAuth/DBI/Cookie.html https://docs.bestpractical.com/rt/4.4.1/RT/Authen/ExternalAuth.html#CONFIGURATION https://docs.bestpractical.com/rt/4.4.1/authentication.html#Via-your-web-server-aka-WebRemoteUserAuth-aka-REMOTE_USER However you will need to create groups and configure group access/permissions to the relevant queue(s) within RT. Best Regards Martin On 2016-11-09 12:58, Maneesh Kumar wrote: Hello members, We also have a requirement of mapping users of a particular user database under OpenAM(SSO) to a specific queue. This is required to enable users to have access to a specific queue rather than all queues. The access need to be enabled for creation of tickets and thereafter for listing his/her open and closed tickets. Please let me know if this is possible and steps to meet this requirement. Maneesh Kumar National PARAM Supercomputing Facility HPC Infrastructure and Ecosystem Group Centre for Development of Advanced Computing --- [ C-DAC is on Social-Media too. Kindly follow us at: Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ] This e-mail is for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies and the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email is strictly prohibited and appropriate legal action will be taken. --- - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Los Angeles - January 9-11 2017 - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Los Angeles - January 9-11 2017
Re: [rt-users] Mapping users of a particular user database under OpenAM(SSO) to a specific queue
I don't see how you're going to be able to leverage OpenAM for this when it's something that really needs to be done with RT's queue permissions. I have to assume you're using the OpenAM web policy agent for Apache, which is only going to allow you to permit/deny access based on URI, which isn't how RT presents it's queues. IMO you're complicating this by attempting to bolt on OpenAM onto something that already provides very fine grained permission. -- Later, Darin On Wed, Nov 9, 2016 at 7:58 AM, Maneesh Kumar wrote: > Hello members, > > We also have a requirement of mapping users of a particular user database > under OpenAM(SSO) to a specific queue. This is required to enable users to > have access to a specific queue rather than all queues. The access need to > be enabled for creation of tickets and thereafter for listing his/her open > and closed tickets. > > Please let me know if this is possible and steps to meet this requirement. > > > Maneesh Kumar > > > National PARAM Supercomputing Facility > > HPC Infrastructure and Ecosystem Group > Centre for Development of Advanced Computing > > --- > [ C-DAC is on Social-Media too. Kindly follow us at: > Facebook: https://www.facebook.com/CDACINDIA & Twitter: @cdacindia ] > > This e-mail is for the sole use of the intended recipient(s) and may > contain confidential and privileged information. If you are not the > intended recipient, please contact the sender by reply e-mail and destroy > all copies and the original message. Any unauthorized review, use, > disclosure, dissemination, forwarding, printing or copying of this email > is strictly prohibited and appropriate legal action will be taken. > --- > > - > RT 4.4 and RTIR training sessions, and a new workshop day! > https://bestpractical.com/training > * Los Angeles - January 9-11 2017 - RT 4.4 and RTIR training sessions, and a new workshop day! https://bestpractical.com/training * Los Angeles - January 9-11 2017
