Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
Tim, Thanks, adding a section to the virtualhost configuration for NoAuth having no authentication worked like a charm. The webpage I found the solution on is: http://requesttracker.wikia.com/wiki/WebExternalAuth and the snippet I added to my rc.conf was: Satisfy Any Allow from all Thanks, Thomas -Original Message- From: rt-users-boun...@lists.bestpractical.com [mailto:rt-users-boun...@lists.bestpractical.com] On Behalf Of Tim Wiley Sent: Wednesday, February 13, 2013 7:28 AM To: rt-users@lists.bestpractical.com Subject: Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module On 02/12/2013 08:00 PM, Thomas Klump wrote: > I'm working on implementing RT with OpenID. I started with a basic > installation of RT and I created some test tickets from within the > webui and via email. Everything worked great. I then started to > implement OpenID for authentication. I tried using the RT OpenID > plugin but I was never able to get that to work and there was very > little documentation out there about it. I then decided to install > WebExternalAuth use the Apache OpenID module for authentication. I was > able to get this to work and now the web interface works great. > Unfortunately, now the rt-mailgate is no longer working. When I email > the queue the following error is logged in the maillog: > > Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130: > to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action > correspond --url http://rt.example.com/";, > ctladdr= <mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08, > xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: > prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL > > I then tried testing it from command line with the following results: > > # (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate > --queue 'Customer Service' --action correspond --url > http://rt.example.com --debug > > /usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2' > > /usr/local/rt/bin/rt-mailgate: connecting to > http://rt.example.com/REST/1.0/NoAuth/mail-gateway > > An Error Occurred > > = > > 302 Found > > /usr/local/rt/bin/rt-mailgate: undefined server error > > I then switched back to normal authentication methods in my apache > virtualhost config and then rt-mailgate would process emails > successfully. Here is my apache vituralhost configuration that seems > to be the problem: > > > > # Optional apache logs for RT > > # ErrorLog /usr/local/rt/var/log/apache2.error > > # TransferLog /usr/local/rt/var/log/apache2.access > > # LogLevel debug > > AddDefaultCharset UTF-8 > > DocumentRoot "/usr/local/rt/share/html" > > > > # If I comment out the section below and uncomment the two lines below > that everything works > > AuthType OpenID > > require valid-user > > AuthOpenIDTrusted ^http://www.example.com/$ > > AuthOpenIDUseCookie On > > AuthOpenIDSingleIdP http://www.example.com > > AuthOpenIDTrustRoot http://rt.example.com > > AuthOpenIDCookieName rt_auth_cookie > > AuthOpenIDSecureCookie Off > > # Order allow,deny > > # Allow from all > > SetHandler modperl > > PerlResponseHandler Plack::Handler::Apache2 > > PerlSetVar psgi_app /usr/local/rt/sbin/rt-server > > > > > > use Plack::Handler::Apache2; > > > Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server"); > > > > > > Thanks for any help on this issue. > > Thomas Klump > > > > > I don't use RT in this way, but it sounds like you need to open up an area of RT for no authentication. Take a look at the page below. Note that it says it's out of date, so I may be way off here, but check out the part where it opens up /NoAuth. You may have to play around with the location, as it looks like you're going through the REST API. -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T
Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
On 02/13/2013 10:10 AM, Thomas Klump wrote: Tim, Thanks, adding a section to the virtualhost configuration for NoAuth having no authentication worked like a charm. The webpage I found the solution on is: http://requesttracker.wikia.com/wiki/WebExternalAuth Thanks, Thomas It's usually a good idea to also reply to the list so others know the eventual resolution. Also...so much for responding to e-mail before coffee. I absolutely intended on adding that link to my e-mail & didn't. My apologies. I'm glad you eventually found it & figure it out. -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T
Re: [rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
On 02/12/2013 08:00 PM, Thomas Klump wrote: I’m working on implementing RT with OpenID. I started with a basic installation of RT and I created some test tickets from within the webui and via email. Everything worked great. I then started to implement OpenID for authentication. I tried using the RT OpenID plugin but I was never able to get that to work and there was very little documentation out there about it. I then decided to install WebExternalAuth use the Apache OpenID module for authentication. I was able to get this to work and now the web interface works great. Unfortunately, now the rt-mailgate is no longer working. When I email the queue the following error is logged in the maillog: Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130: to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action correspond --url http://rt.example.com/";, ctladdr=mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08, xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL I then tried testing it from command line with the following results: # (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action correspond --url http://rt.example.com --debug /usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2' /usr/local/rt/bin/rt-mailgate: connecting to http://rt.example.com/REST/1.0/NoAuth/mail-gateway An Error Occurred = 302 Found /usr/local/rt/bin/rt-mailgate: undefined server error I then switched back to normal authentication methods in my apache virtualhost config and then rt-mailgate would process emails successfully. Here is my apache vituralhost configuration that seems to be the problem: # Optional apache logs for RT # ErrorLog /usr/local/rt/var/log/apache2.error # TransferLog /usr/local/rt/var/log/apache2.access # LogLevel debug AddDefaultCharset UTF-8 DocumentRoot "/usr/local/rt/share/html" # If I comment out the section below and uncomment the two lines below that everything works AuthType OpenID require valid-user AuthOpenIDTrusted ^http://www.example.com/$ AuthOpenIDUseCookie On AuthOpenIDSingleIdP http://www.example.com AuthOpenIDTrustRoot http://rt.example.com AuthOpenIDCookieName rt_auth_cookie AuthOpenIDSecureCookie Off # Order allow,deny # Allow from all SetHandler modperl PerlResponseHandler Plack::Handler::Apache2 PerlSetVar psgi_app /usr/local/rt/sbin/rt-server use Plack::Handler::Apache2; Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server"); Thanks for any help on this issue. Thomas Klump I don't use RT in this way, but it sounds like you need to open up an area of RT for no authentication. Take a look at the page below. Note that it says it's out of date, so I may be way off here, but check out the part where it opens up /NoAuth. You may have to play around with the location, as it looks like you're going through the REST API. -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T
[rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
I'm working on implementing RT with OpenID. I started with a basic installation of RT and I created some test tickets from within the webui and via email. After everything was working I started to implement OpenID for authentication. I tried using the RT OpenID plugin but I was never able to get that to work and there was next to no documentation out there about it. I then decided to install WebExternalAuth use the Apache OpenID module for authentication. I was able to get this to work and now the web interface works great. Unfortunately, now the rt-mailgate is no longer working. When I email the queue the following error is logged in the maillog: Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130: to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action correspond --url http://rt.example.com/";, ctladdr= (8/0), delay=00:00:08, xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL I then tried testing it from command line with the following results: # (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action correspond --url http://rt.example.com --debug /usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2' /usr/local/rt/bin/rt-mailgate: connecting to http://rt.example.com/REST/1.0/NoAuth/mail-gateway An Error Occurred = 302 Found /usr/local/rt/bin/rt-mailgate: undefined server error I then switched back to normal authentication methods in my apache virtualhost config and then rt-mailgate would process emails successfully. Here is my apache vituralhost configuration that is causing the errors: # Optional apache logs for RT # ErrorLog /usr/local/rt/var/log/apache2.error # TransferLog /usr/local/rt/var/log/apache2.access # LogLevel debug AddDefaultCharset UTF-8 DocumentRoot "/usr/local/rt/share/html" # If I comment out the section below and uncomment the two lines below that everything works AuthType OpenID require valid-user AuthOpenIDTrusted ^http://www.example.com/$ AuthOpenIDUseCookie On AuthOpenIDSingleIdP http://www.example.com AuthOpenIDTrustRoot http://rt.example.com AuthOpenIDCookieName rt_auth_cookie AuthOpenIDSecureCookie Off # Order allow,deny # Allow from all SetHandler modperl PerlResponseHandler Plack::Handler::Apache2 PerlSetVar psgi_app /usr/local/rt/sbin/rt-server use Plack::Handler::Apache2; Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server"); Thanks for any help on this issue. Thomas Klump -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T
[rt-users] rt-mailgate error 302 with WebExternalAuth and Apache OpenID module
I'm working on implementing RT with OpenID. I started with a basic installation of RT and I created some test tickets from within the webui and via email. Everything worked great. I then started to implement OpenID for authentication. I tried using the RT OpenID plugin but I was never able to get that to work and there was very little documentation out there about it. I then decided to install WebExternalAuth use the Apache OpenID module for authentication. I was able to get this to work and now the web interface works great. Unfortunately, now the rt-mailgate is no longer working. When I email the queue the following error is logged in the maillog: Feb 13 03:17:03 sendmail[20134]: r1D3Gsht020130: to="|/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action correspond --url http://rt.example.com/";, ctladdr=mailto:customerserv...@rt.example.com>> (8/0), delay=00:00:08, xdelay=00:00:01, mailer=prog, pri=123857, dsn=4.0.0, stat=Deferred: prog mailer (/usr/sbin/smrsh) exited with EX_TEMPFAIL I then tried testing it from command line with the following results: # (echo Subject: test; echo; echo test) |/usr/local/rt/bin/rt-mailgate --queue 'Customer Service' --action correspond --url http://rt.example.com --debug /usr/local/rt/bin/rt-mailgate: temp file is '/tmp/b4OHJlWSwH/Kgebhr0hI2' /usr/local/rt/bin/rt-mailgate: connecting to http://rt.example.com/REST/1.0/NoAuth/mail-gateway An Error Occurred = 302 Found /usr/local/rt/bin/rt-mailgate: undefined server error I then switched back to normal authentication methods in my apache virtualhost config and then rt-mailgate would process emails successfully. Here is my apache vituralhost configuration that seems to be the problem: # Optional apache logs for RT # ErrorLog /usr/local/rt/var/log/apache2.error # TransferLog /usr/local/rt/var/log/apache2.access # LogLevel debug AddDefaultCharset UTF-8 DocumentRoot "/usr/local/rt/share/html" # If I comment out the section below and uncomment the two lines below that everything works AuthType OpenID require valid-user AuthOpenIDTrusted ^http://www.example.com/$ AuthOpenIDUseCookie On AuthOpenIDSingleIdP http://www.example.com AuthOpenIDTrustRoot http://rt.example.com AuthOpenIDCookieName rt_auth_cookie AuthOpenIDSecureCookie Off # Order allow,deny # Allow from all SetHandler modperl PerlResponseHandler Plack::Handler::Apache2 PerlSetVar psgi_app /usr/local/rt/sbin/rt-server use Plack::Handler::Apache2; Plack::Handler::Apache2->preload("/usr/local/rt/sbin/rt-server"); Thanks for any help on this issue. Thomas Klump -- RT training in Amsterdam, March 20-21: http://bestpractical.com/services/training.html Help improve RT by taking our user survey: https://www.surveymonkey.com/s/N23JW9T