【发布时间】:2018-01-19 02:13:29
【问题描述】:
我将 RT 的旧安装从 4.0.x 移动到最新版本的 4.4.2。旧安装使用 Shibboleth,并且多年来一直使用 RT_SiteConfig.pm 设置正常工作:
Set($ExternalAuthPriority, ['Shibboleth']);
Set($ExternalInfoPriority, [ 'Shibboleth' ]);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings,
{ 'Shibboleth' =>
{ 'type' => 'shib',
'auth' => 0,
'info' => 1,
'attr_match_list' =>
[ 'Name', 'EmailAddress', 'RealName' ],
'attr_map' =>
{ 'Name' => 'REMOTE_USER',
'EmailAddress' => 'mail',
'RealName' => 'displayName' }
}
}
还有一个像这样的 Apache 虚拟主机:
< Location />
Require all granted
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /opt/rt4/sbin/rt-server
AuthType shibboleth
ShibRequireSession On
require valid-user
ShibRequestSetting requireSession 1
Options FollowSymLinks
< /Location>
< Location "/Shibboleth.sso">
Require all granted
SetHandler shib
AuthType None
< /Location>
当我使用相同的配置来设置数据库时,我得到:
make initialize-database
Password:
Working with:
Type: mysql
Host: localhost
Port:
Name: rtdb
User: rtdbuser
DBA: root
Now creating a mysql database rtdb for RT.
Done.
Now populating database schema.
Done.
Now inserting database ACLs.
Done.
Now inserting RT core system objects.
Done.
[error]: Service 'Shibboleth' in ExternalInfoPriority is not ldap, db, or cookie; removing. (/usr/local/src/rt-4.4.2/sbin/../lib/RT/Config.pm:1094)
Now inserting data.
Done inserting data.
Done.
我能看到的唯一不同是在安装时我无法再安装 RT::Authen::ExternalAuth。当我尝试时,我得到:
**** Error: Your installed version of RT (4.4.2) is too new; this extension
only works with versions older than 4.4.0.
我检查了文档,从我阅读的内容来看,ExternalAuth 功能现在是内置的,您不再需要该插件。如果确实如此,您如何在 RT 中使用 Shibboleth?如果不是这种情况,您将如何解决此问题?
【问题讨论】:
标签: apache shibboleth rt