Provided by: rt4-extension-authenexternalauth_0.17-1_all bug

NAME

       RT::Authen::ExternalAuth::DBI - External database source for RT authentication

DESCRIPTION

       Provides the database implementation for RT::Authen::ExternalAuth.

SYNOPSIS

           Set($ExternalSettings, {
               'My_MySQL'   =>  {
                   'type'                      =>  'db',

                   'dbi_driver'                =>  'DBI_DRIVER',

                   'server'                    =>  'server.domain.tld',
                   'port'                      =>  'DB_PORT',
                   'user'                      =>  'DB_USER',
                   'pass'                      =>  'DB_PASS',

                   'database'                  =>  'DB_NAME',
                   'table'                     =>  'USERS_TABLE',
                   'u_field'                   =>  'username',
                   'p_field'                   =>  'password',

                   # Example of custom hashed password check
                   #'p_check'                   =>  sub {
                   #    my ($hash_from_db, $password) = @_;
                   #    return $hash_from_db eq function($password);
                   #},

                   'p_enc_pkg'                 =>  'Crypt::MySQL',
                   'p_enc_sub'                 =>  'password',
                   'p_salt'                    =>  'SALT',

                   'd_field'                   =>  'disabled',
                   'd_values'                  =>  ['0'],

                   'attr_match_list' =>  [
                       'Gecos',
                       'Name',
                   ],
                   'attr_map' => {
                       'Name'           => 'username',
                       'EmailAddress'   => 'email',
                       'ExternalAuthId' => 'username',
                       'Gecos'          => 'userID',
                   },
               },
           } );

CONFIGURATION

       DBI-specific options are described here. Shared options are described in the
       etc/RT_SiteConfig.pm file included in this distribution.

       The example in the "SYNOPSIS" lists all available options and they are described below.
       See the DBI module for details on debugging connection issues.

       dbi_driver
           The name of the Perl DBI driver to use (e.g. mysql, Pg, SQLite).

       server
           The server hosting the database.

       port
           The port to use to connect on (e.g. 3306).

       user
           The database user for the connection.

       pass
           The password for the database user.

       database
           The database name.

       table
           The database table containing the user information to check against.

       u_field
           The field in the table that holds usernames

       p_field
           The field in the table that holds passwords

       p_check
           Optional.  An anonymous subroutine definition used to check the (presumably hashed)
           passed from the database with the password entered by the user logging in.  The
           subroutine should return true on success and false on failure.  The configuration
           options "p_enc_pkg" and "p_enc_sub" will be ignored when "p_check" is defined.

           An example, where "FooBar()" is some external hashing function:

               p_check => sub {
                   my ($hash_from_db, $password) = @_;
                   return $hash_from_db eq FooBar($password);
               },

           Importantly, the "p_check" subroutine allows for arbitrarily complex password checking
           unlike "p_enc_pkg" and "p_enc_sub".

       p_enc_pkg, p_enc_sub
           The Perl package and subroutine used to encrypt passwords from the database. For
           example, if the passwords are stored using the MySQL v3.23 "PASSWORD" function, then
           you will need the Crypt::MySQL "password" function, but for the MySQL4+ password you
           will need Crypt::MySQL's "password41". Alternatively, you could use Digest::MD5
           "md5_hex" or any other encryption subroutine you can load in your Perl installation.

       p_salt
           If p_enc_sub takes a salt as a second parameter then set it here.

       d_field, d_values
           The field and values in the table that determines if a user should be disabled. For
           example, if the field is 'user_status' and the values are ['0','1','2','disabled']
           then the user will be disabled if their user_status is set to '0','1','2' or the
           string 'disabled'.  Otherwise, they will be considered enabled.