CC: | Joshua Randall <joshua.randall [...] sanger.ac.uk> |
Subject: | Users with alternate attributes for identification |
Date: | Fri, 27 Apr 2012 15:41:19 +0100 |
To: | bug-RT-Authen-ExternalAuth [...] rt.cpan.org |
From: | Tim Cutts <tjrc [...] sanger.ac.uk> |
Users at our Institute have alternate email address aliases (e.g. firstname.lastname@example.com) which are not directly related to their uid. The attached patch to RT::Authen::ExternalAuth adds a new configuration option (filter_attr_map) which -- if it exists -- is used in place of attr_map in the ldap search to map RT attributes to multiple possible LDAP attributes. There is an example in RT_SiteConfig in the patch.
We also had to override LoadByEmail to call CanonicalizeUserInfo, because RT::User only calls this when creating new users otherwise. Arguably, there is a related bug in RT::User that CanonicalizeUserInfo should be called once before either Load or Create is attempted.
We've done some (limited) testing, and it seems to work for us!
Please let us know what you think.
Regards,
Tim & Josh
--
The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
Message body not shown because it is not plain text.