我正在将旧的RT安装从4.0.x移动到最新版本的4.4.2。旧的安装使用Shibboleth并且使用RT_SiteConfig.pm设置已经很好地工作了多年:
Set($ExternalAuthPriority, ['Shibboleth']);
Set($ExternalInfoPriority, [ 'Shibboleth' ]);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings,
{ 'Shibboleth' =>
{ 'type' => 'shib',
'auth' => 0,
'info' => 1,
'attr_match_list' =>
[ 'Name', 'EmailAddress', 'RealName' ],
'attr_map' =>
{ 'Name' => 'REMOTE_USER',
'EmailAddress' => 'mail',
'RealName' => 'displayName' }
}
}
和Apache vhost一样:
< Location />
Require all granted
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /opt/rt4/sbin/rt-server
AuthType shibboleth
ShibRequireSession On
require valid-user
ShibRequestSetting requireSession 1
Options FollowSymLinks
< /Location>
< Location "/Shibboleth.sso">
Require all granted
SetHandler shib
AuthType None
< /Location>
当我使用相同的配置设置数据库时,我得到:
make initialize-database
Password:
Working with:
Type: mysql
Host: localhost
Port:
Name: rtdb
User: rtdbuser
DBA: root
Now creating a mysql database rtdb for RT.
Done.
Now populating database schema.
Done.
Now inserting database ACLs.
Done.
Now inserting RT core system objects.
Done.
[error]: Service 'Shibboleth' in ExternalInfoPriority is not ldap, db, or cookie; removing. (/usr/local/src/rt-4.4.2/sbin/../lib/RT/Config.pm:1094)
Now inserting data.
Done inserting data.
Done.
我能看到的唯一不同的是安装时我不能再安装RT :: Authen :: ExternalAuth。当我尝试时,我得到:
**** Error: Your installed version of RT (4.4.2) is too new; this extension
only works with versions older than 4.4.0.
我检查了文档,从我看到的内容看起来现在内置了ExternalAuth功能,您不再需要该插件。如果事实上这是如何在RT中使用Shibboleth的话?如果不是这样你会如何解决这个问题?
答案 0 :(得分:0)
看起来当它被集成时,shib支持被删除了。有关添加shib支持的pull请求,请参阅https://github.com/bestpractical/rt/pull/208/;你想在你的RT_SiteConfig.pm中设置WebRemoteUser和ExternalSettingsRemoteUser