| Subject: | Support creation of groups from LDAP and DBI queries |
It'd be desirable to create groups and assign group memberships when a
user logs in via RT::Authen::ExternalAuth .
Right now you have to combine RT::Authen::ExternalAuth (for LDAP bind
auth support) and RT::Extension::LDAPImport (for group memberships,
group creation, etc). This only works if you're using LDAP not DBI for
auth.
I have a setup where I'm using RT::Extension::LDAPImport with Apache's
mod_authnz_ldap (instead of trying to combine it with
RT::Authen::ExternalAuth) but for a variety of reasons I have to move to
a PostgreSQL DBI based user database.
It strikes me as silly to try to add DBI support to
RT::Authen::LDAPImport when really, ExternalAuth is closer to what I
want in the first place. I just need to find an answer to the group
creation and group membership management problem.
Given that ... do you have an opinion on whether it's possible to sanely
implement the creation of groups and assignment of group memberships on
the fly in ExternalAuth? If so, any hints on how one might go about
implementing it? I'm planning on having a go at the problem and would
greatly appreciate a few tips.