Skip Menu |

This queue is for tickets about the RT-Authen-ExternalAuth CPAN distribution.

Report information
The Basics
Id: 43478
Status: open
Priority: 0/
Queue: RT-Authen-ExternalAuth
People
Owner: Nobody in particular
Requestors:
Cc: RINGERC [...] cpan.org
AdminCc:
Bug Information
Severity: Wishlist
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Fri Feb 20 13:26:23 2009 pgillis [...] usm.maine.edu - Ticket created
Subject: Enhancement to selectively update fields from LDAP
Date: Fri, 20 Feb 2009 13:25:03 -0500
To: <bug-RT-Authen-ExternalAuth [...] rt.cpan.org>
From: "Pete Gillis" <pgillis [...] usm.maine.edu>
We use an LDAP source to authenticate users and populate their data. For one field in particular, email, it is necessary for some users to change the address to an address that is different than the one in the LDAP source. We need the address set to the LDAP value when the user is created, but would rather that one field not be overwritten on subsequent logins. Would be nice to have a configuration option where you could set some fields as populated on user creation but then left alone after. I have patched our local install for email specifically, but I do not have a patch that would handle reconfigurability. If you would like some help with this, please let me know. Thanks... Pete ====================== Peter Gillis Database and Application Support University of Southern Maine USM Professional Staff Senate ======================
  Tue Jul 21 10:11:56 2009 pgillis [...] usm.maine.edu - Requestor pgillis@usm.maine.edu deleted
  Mon Sep 19 14:49:05 2011 cpan [...] jibsheet.com - Correspondence added
On Fri Feb 20 13:26:23 2009, pgillis@usm.maine.edu wrote: Show quoted text
> We use an LDAP source to authenticate users and populate their data. > For one field in particular, email, it is necessary for some users > to change the address to an address that is different than the one > in the LDAP source. We need the address set to the LDAP value when > the user is created, but would rather that one field not be > overwritten on subsequent logins. > > Would be nice to have a configuration option where you could set some > fields as populated on user creation but then left alone after. I > have patched our local install for email specifically, but I do not > have a patch that would handle reconfigurability.
If there was a patch to try and implement this, I'd be happy to review it, but I don't think it's likely to make it to the top of the TODO list otherwise. -kevin
  Mon Sep 19 14:49:07 2011 The RT System itself - Status changed from 'new' to 'open'
  Thu Jan 26 16:01:33 2012 tsibley [...] cpan.org - Status changed from 'open' to 'stalled'
  Thu Jan 26 16:01:33 2012 tsibley [...] cpan.org - Severity Unimportant added
  Thu Jan 26 16:01:57 2012 tsibley [...] cpan.org - Subject changed from 'Enhancement to selectively update fields from LDAP' to 'Enhancement request to selectively update fields from LDAP'
  Thu Jan 26 16:01:57 2012 tsibley [...] cpan.org - Severity Unimportant changed to Wishlist
  Tue Feb 26 02:07:50 2013 RINGERC [...] cpan.org - Correspondence added
RT::Extension::LDAPImport supports the functionality you desire, but lacks other features. It cannot perform bind authentication checks with LDAP or create users on first access. It has to be run as a batch job. Also, passwords must either be stored in clear-text in LDAP (ugh!), set separately in RT, or you must use an external auth system like Apache's mod_ldap_authnz and set RT to honour the REMOTE_USER setting. I would love to see a merge of the functionality of RT::Extension::LDAPImport and RT::Authen::ExternalAuth - giving ExternalAuth the ability to selectively update accounts and the ability to create groups, so it'd be a full superset of LDAPImport's functionality.
  Tue Feb 26 02:07:51 2013 The RT System itself - Status changed from 'stalled' to 'open'
  Tue Feb 26 02:08:29 2013 RINGERC [...] cpan.org - Cc RINGERC added