I'm moving an old installation of RT from 4.0.x to newest version of 4.4.2. The old installation uses Shibboleth and has worked fine doing so for years with RT_SiteConfig.pm settings:
Set($ExternalAuthPriority, ['Shibboleth']);
Set($ExternalInfoPriority, [ 'Shibboleth' ]);
Set($ExternalServiceUsesSSLorTLS, 0);
Set($AutoCreateNonExternalUsers, 1);
Set($ExternalSettings,
{ 'Shibboleth' =>
{ 'type' => 'shib',
'auth' => 0,
'info' => 1,
'attr_match_list' =>
[ 'Name', 'EmailAddress', 'RealName' ],
'attr_map' =>
{ 'Name' => 'REMOTE_USER',
'EmailAddress' => 'mail',
'RealName' => 'displayName' }
}
}
And an Apache vhost like:
< Location />
Require all granted
SetHandler modperl
PerlResponseHandler Plack::Handler::Apache2
PerlSetVar psgi_app /opt/rt4/sbin/rt-server
AuthType shibboleth
ShibRequireSession On
require valid-user
ShibRequestSetting requireSession 1
Options FollowSymLinks
< /Location>
< Location "/Shibboleth.sso">
Require all granted
SetHandler shib
AuthType None
< /Location>
When I went to use this same config to set up the database I get:
make initialize-database
Password:
Working with:
Type: mysql
Host: localhost
Port:
Name: rtdb
User: rtdbuser
DBA: root
Now creating a mysql database rtdb for RT.
Done.
Now populating database schema.
Done.
Now inserting database ACLs.
Done.
Now inserting RT core system objects.
Done.
[error]: Service 'Shibboleth' in ExternalInfoPriority is not ldap, db, or cookie; removing. (/usr/local/src/rt-4.4.2/sbin/../lib/RT/Config.pm:1094)
Now inserting data.
Done inserting data.
Done.
The only thing different that I can see is when doing the installation is that I can no longer install RT::Authen::ExternalAuth. When I try I get:
**** Error: Your installed version of RT (4.4.2) is too new; this extension
only works with versions older than 4.4.0.
I checked the documentation and from what I read it looks like the ExternalAuth functionality is now builtin and you no longer need the plugin. If this is in fact the case how do you use Shibboleth in RT? If it isn't the case how would you fix this?
