Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
Tim,
Thanks, adding a section to the virtualhost configuration for NoAuth having no
authentication worked like a charm. The webpage I found the solution on is:
http://requesttracker.wikia.com/wiki/WebExternalAuth
and the snippet I added to my rc.conf was:
Satisfy Any
Allow from all
Thanks,
Thomas
-Original Message-
From: rt-users-boun...@lists.bestpractical.com
[mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Tim Wiley
Sent: Wednesday, February 13, 2013 7:28 AM
To: rt-users@lists.bestpractical.com
Subject: Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache
OpenID module
On 02/12/2013 08:00 PM, Thomas Klump wrote:
> I'm working on implementing RT with OpenID. I started with a basic
> installation of RT and I created some test tickets from within the
> webui and via email. Everything worked great. I then started to
> implement OpenID for authentication. I tried using the RT OpenID
> plugin but I was never able to get that to work and there was very
> little documentation out there about it. I then decided to install
> WebExternalAuth use the Apache OpenID module for authentication. I was
> able to get this to work and now the web interface works great.
> Unfortunately, now the rt-mailgate is no longer working. When I email
> the queue the following error is logged in the maillog:
>
> Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
> to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action
> correspond --url http://rt.example.com/";,
> ctladdr= <mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08,
> xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred:
> prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL
>
> I then tried testing it from command line with the following results:
>
> # (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate
> --queue 'Customer Service' --action correspond --url
> http://rt.example.com --debug
>
> /usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
>
> /usr/local/rt/bin/rt-mailgate: connecting to
> http://rt.example.com/REST/1.0/NoAuth/mail-gateway
>
> An Error Occurred
>
> =
>
> 302 Found
>
> /usr/local/rt/bin/rt-mailgate: undefined server error
>
> I then switched back to normal authentication methods in my apache
> virtualhost config and then rt-mailgate would process emails
> successfully. Here is my apache vituralhost configuration that seems
> to be the problem:
>
>
>
> # Optional apache logs for RT
>
> # ErrorLog /usr/local/rt/var/log/apache2.error
>
> # TransferLog /usr/local/rt/var/log/apache2.access
>
> # LogLevel debug
>
> AddDefaultCharset UTF-8
>
> DocumentRoot "/usr/local/rt/share/html"
>
>
>
> # If I comment out the section below and uncomment the two lines below
> that everything works
>
> AuthType OpenID
>
> require valid-user
>
> AuthOpenIDTrusted ^http://www.example.com/$
>
> AuthOpenIDUseCookie On
>
> AuthOpenIDSingleIdP http://www.example.com
>
> AuthOpenIDTrustRoot http://rt.example.com
>
> AuthOpenIDCookieName rt_auth_cookie
>
> AuthOpenIDSecureCookie Off
>
> # Order allow,deny
>
> # Allow from all
>
> SetHandler modperl
>
> PerlResponseHandler Plack::Handler::Apache2
>
> PerlSetVar psgi_app /usr/local/rt/sbin/rt-server
>
>
>
>
>
> use Plack::Handler::Apache2;
>
>
> Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");
>
>
>
>
>
> Thanks for any help on this issue.
>
> Thomas Klump
>
>
>
>
>
I don't use RT in this way, but it sounds like you need to open up an area of
RT for no authentication. Take a look at the page below. Note that it says
it's out of date, so I may be way off here, but check out the part where it
opens up /NoAuth. You may have to play around with the location, as it looks
like you're going through the REST API.
--
RT training in Amsterdam, March 20-21:
http://bestpractical.com/services/training.html
Help improve RT by taking our user survey:
https://www.surveymonkey.com/s/N23JW9T
--
RT training in Amsterdam, March 20-21:
http://bestpractical.com/services/training.html
Help improve RT by taking our user survey:
https://www.surveymonkey.com/s/N23JW9T
Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
On 02/13/2013 10:10 AM, Thomas Klump wrote: Tim, Thanks, adding a section to the virtualhost configuration for NoAuth having no authentication worked like a charm. The webpage I found the solution on is: http://requesttracker.wikia.com/wiki/WebExternalAuth Thanks, Thomas It's usually a good idea to also reply to the list so others know the eventual resolution. Also...so much for responding to e-mail before coffee. I absolutely intended on adding that link to my e-mail & didn't. My apologies. I'm glad you eventually found it & figure it out. -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T
Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
On 02/12/2013 08:00 PM, Thomas Klump wrote:
I’m working on implementing RT with OpenID. I started with a basic
installation of RT and I created some test tickets from within the webui
and via email. Everything worked great. I then started to implement
OpenID for authentication. I tried using the RT OpenID plugin but I was
never able to get that to work and there was very little documentation
out there about it. I then decided to install WebExternalAuth use the
Apache OpenID module for authentication. I was able to get this to work
and now the web interface works great. Unfortunately, now the
rt-mailgate is no longer working. When I email the queue the following
error is logged in the maillog:
Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action
correspond --url http://rt.example.com/";,
ctladdr=mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08,
xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog
mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL
I then tried testing it from command line with the following results:
# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate
--queue 'Customer Service' --action correspond --url
http://rt.example.com --debug
/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
/usr/local/rt/bin/rt-mailgate: connecting to
http://rt.example.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=
302 Found
/usr/local/rt/bin/rt-mailgate: undefined server error
I then switched back to normal authentication methods in my apache
virtualhost config and then rt-mailgate would process emails
successfully. Here is my apache vituralhost configuration that seems to
be the problem:
# Optional apache logs for RT
# ErrorLog /usr/local/rt/var/log/apache2.error
# TransferLog /usr/local/rt/var/log/apache2.access
# LogLevel debug
AddDefaultCharset UTF-8
DocumentRoot "/usr/local/rt/share/html"
# If I comment out the section below and uncomment the two lines below
that everything works
AuthType OpenID
require valid-user
AuthOpenIDTrusted ^http://www.example.com/$
AuthOpenIDUseCookie On
AuthOpenIDSingleIdP http://www.example.com
AuthOpenIDTrustRoot http://rt.example.com
AuthOpenIDCookieName rt_auth_cookie
AuthOpenIDSecureCookie Off
# Order allow,deny
# Allow from all
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /usr/local/rt/sbin/rt-server
use Plack::Handler::Apache2;
Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");
Thanks for any help on this issue.
Thomas Klump
I don't use RT in this way, but it sounds like you need to open up an
area of RT for no authentication. Take a look at the page below. Note
that it says it's out of date, so I may be way off here, but check out
the part where it opens up /NoAuth. You may have to play around with
the location, as it looks like you're going through the REST API.
--
RT training in Amsterdam, March 20-21:
http://bestpractical.com/services/training.html
Help improve RT by taking our user survey:
https://www.surveymonkey.com/s/N23JW9T
[rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
I'm working on implementing RT with OpenID. I started with a basic installation
of RT and I created some test tickets from within the webui and via email.
After everything was working I started to implement OpenID for authentication.
I tried using the RT OpenID plugin but I was never able to get that to work and
there was next to no documentation out there about it. I then decided to
install WebExternalAuth use the Apache OpenID module for authentication. I was
able to get this to work and now the web interface works great. Unfortunately,
now the rt-mailgate is no longer working. When I email the queue the following
error is logged in the maillog:
Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action
correspond --url http://rt.example.com/";,
ctladdr= (8/0), delay=00:00:08,
xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog mailer
(/usr/sbin/smrsh) exited with EX_TEMPFAIL
I then tried testing it from command line with the following results:
# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue
'Customer Service' --action correspond --url http://rt.example.com --debug
/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
/usr/local/rt/bin/rt-mailgate: connecting to
http://rt.example.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=
302 Found
/usr/local/rt/bin/rt-mailgate: undefined server error
I then switched back to normal authentication methods in my apache virtualhost
config and then rt-mailgate would process emails successfully. Here is my
apache vituralhost configuration that is causing the errors:
# Optional apache logs for RT
# ErrorLog /usr/local/rt/var/log/apache2.error
# TransferLog /usr/local/rt/var/log/apache2.access
# LogLevel debug
AddDefaultCharset UTF-8
DocumentRoot "/usr/local/rt/share/html"
# If I comment out the section below and uncomment the two lines below that
everything works
AuthType OpenID
require valid-user
AuthOpenIDTrusted ^http://www.example.com/$
AuthOpenIDUseCookie On
AuthOpenIDSingleIdP http://www.example.com
AuthOpenIDTrustRoot http://rt.example.com
AuthOpenIDCookieName rt_auth_cookie
AuthOpenIDSecureCookie Off
# Order allow,deny
# Allow from all
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /usr/local/rt/sbin/rt-server
use Plack::Handler::Apache2;
Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");
Thanks for any help on this issue.
Thomas Klump
--
RT training in Amsterdam, March 20-21:
http://bestpractical.com/services/training.html
Help improve RT by taking our user survey:
https://www.surveymonkey.com/s/N23JW9T
[rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
I'm working on implementing RT with OpenID. I started with a basic installation
of RT and I created some test tickets from within the webui and via email.
Everything worked great. I then started to implement OpenID for authentication.
I tried using the RT OpenID plugin but I was never able to get that to work and
there was very little documentation out there about it. I then decided to
install WebExternalAuth use the Apache OpenID module for authentication. I was
able to get this to work and now the web interface works great. Unfortunately,
now the rt-mailgate is no longer working. When I email the queue the following
error is logged in the maillog:
Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130:
to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action
correspond --url http://rt.example.com/";,
ctladdr=mailto:customerserv...@rt.example.com>>
(8/0), delay=00:00:08, xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0,
stat=Deferred: prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL
I then tried testing it from command line with the following results:
# (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue
'Customer Service' --action correspond --url http://rt.example.com --debug
/usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2'
/usr/local/rt/bin/rt-mailgate: connecting to
http://rt.example.com/REST/1.0/NoAuth/mail-gateway
An Error Occurred
=
302 Found
/usr/local/rt/bin/rt-mailgate: undefined server error
I then switched back to normal authentication methods in my apache virtualhost
config and then rt-mailgate would process emails successfully. Here is my
apache vituralhost configuration that seems to be the problem:
# Optional apache logs for RT
# ErrorLog /usr/local/rt/var/log/apache2.error
# TransferLog /usr/local/rt/var/log/apache2.access
# LogLevel debug
AddDefaultCharset UTF-8
DocumentRoot "/usr/local/rt/share/html"
# If I comment out the section below and uncomment the two lines below that
everything works
AuthType OpenID
require valid-user
AuthOpenIDTrusted ^http://www.example.com/$
AuthOpenIDUseCookie On
AuthOpenIDSingleIdP http://www.example.com
AuthOpenIDTrustRoot http://rt.example.com
AuthOpenIDCookieName rt_auth_cookie
AuthOpenIDSecureCookie Off
# Order allow,deny
# Allow from all
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /usr/local/rt/sbin/rt-server
use Plack::Handler::Apache2;
Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server");
Thanks for any help on this issue.
Thomas Klump
--
RT training in Amsterdam, March 20-21:
http://bestpractical.com/services/training.html
Help improve RT by taking our user survey:
https://www.surveymonkey.com/s/N23JW9T
