DB Kundenanmeldung für externe und SSO für interne Mitarbeiter

Hilfe zu OTRS Problemen aller Art
Post Reply
kleinemeise
Znuny newbie
Posts: 47
Joined: 03 Jun 2016, 13:05
Znuny Version: 5.0.24

DB Kundenanmeldung für externe und SSO für interne Mitarbeiter

Post by kleinemeise »

Hallo Leute,

wir nutzen das Kundeninterface aktuell für unsere internen Mitarbeiter, welche per SSO automatisch an Kundeninterface angemeldet werden - Apache und OTRS laufen da super

Jetzt müssen in Zukunft aber auch externe Kunden auf das Kundeninterface zulassen. Diese Kunden lege ich in der DB von OTRS an.
Leider funktioniert das aber nicht. Die Zugangsdaten werden nicht angenommen. Nur AD Daten funktionieren.

Meine Konfig sieht aktuell so aus:

Code: Select all

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
$Self->{'Customer::AuthModule::HTTPBasicAuth::ReplaceRegExp'} ='@DOMAIN.INTERN';	

$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::DB';
$Self->{'Customer::AuthModule::DB::Table1'} = 'customer_user';
$Self->{'Customer::AuthModule::DB::CustomerKey1'} = 'login';
$Self->{'Customer::AuthModule::DB::CustomerPassword1'} = 'pw';
Wo finde ich das OTRS log, um etwas zu forschen?
Geht es überhaupt, dass OTRS prüft -> ah da kommt einer nicht aus der Domain - dann suche ich in meiner lokalen DB?
shawnbeasley
Znuny Employee
Posts: 132
Joined: 13 Sep 2021, 09:38
Znuny Version: Znuny 6.3.x
Real Name: Shawn Beasley
Company: Znuny

Re: DB Kundenanmeldung für externe und SSO für interne Mitarbeiter

Post by shawnbeasley »

Did you set up a CustomerUser for CustomerAuth1?

Code: Select all

    # CustomerUser
    # (customer user database backend and settings)
    $Self->{CustomerUser1} = {
        Name   => Translatable('Database Backend'),
        Module => 'Kernel::System::CustomerUser::DB',
        Params => {

            # if you want to use an external database, add the
            # required settings
#            DSN  => 'DBI:odbc:yourdsn',
#            Type => 'mssql', # only for ODBC connections
#            DSN => 'DBI:mysql:database=customerdb;host=customerdbhost',
#            User => '',
#            Password => '',
            Table => 'customer_user',
#            ForeignDB => 0,    # set this to 1 if your table does not have create_time, create_by, change_time and change_by fields

            # CaseSensitive defines if the data storage of your DBMS is case sensitive and will be
            # preconfigured within the database driver by default.
            # If the collation of your data storage differs from the default settings,
            # you can set the current behavior ( either 1 = CaseSensitive or 0 = CaseINSensitive )
            # to fit your environment.
            #
#            CaseSensitive => 0,

            # SearchCaseSensitive will control if the searches within the data storage are performed
            # case sensitively (if possible) or not. Change this option to 1, if you want to search case sensitive.
            # This can improve the performance dramatically on large databases.
            SearchCaseSensitive => 0,
        },

        # customer unique id
        CustomerKey => 'login',

        # customer #
        CustomerID    => 'customer_id',
        CustomerValid => 'valid_id',

        # The last field must always be the email address so that a valid
        #   email address like "John Doe" <john.doe@domain.com> can be constructed from the fields.
        CustomerUserListFields => [ 'first_name', 'last_name', 'email' ],

#        CustomerUserListFields => ['login', 'first_name', 'last_name', 'customer_id', 'email'],
        CustomerUserSearchFields           => [ 'login', 'first_name', 'last_name', 'customer_id' ],
        CustomerUserSearchPrefix           => '*',
        CustomerUserSearchSuffix           => '*',
        CustomerUserSearchListLimit        => 250,
        CustomerUserPostMasterSearchFields => ['email'],
        CustomerUserNameFields             => [ 'title', 'first_name', 'last_name' ],
        CustomerUserEmailUniqCheck         => 1,

#        # Configures the character for joining customer user name parts. Join single space if it is not defined.
#        # CustomerUserNameFieldsJoin => '',

#        # show now own tickets in customer panel, CompanyTickets
#        CustomerUserExcludePrimaryCustomerID => 0,
#        # generate auto logins
#        AutoLoginCreation => 0,
#        # generate auto login prefix
#        AutoLoginCreationPrefix => 'auto',
#        # admin can change customer preferences
#        AdminSetPreferences => 1,
        # use customer company support (reference to company, See CustomerCompany settings)
        CustomerCompanySupport => 1,
        # cache time to live in sec. - cache any database queries
        CacheTTL => 60 * 60 * 24,
#        # Consider this source read only.
#        ReadOnly => 1,
        Map => [

            # Info about dynamic fields:
            #
            # Dynamic Fields of type CustomerUser can be used within the mapping (see example below).
            # The given storage (third column) then can also be used within the following configurations (see above):
            # CustomerUserSearchFields, CustomerUserPostMasterSearchFields, CustomerUserListFields, CustomerUserNameFields
            #
            # Note that the columns 'frontend' and 'readonly' will be ignored for dynamic fields.

            # note: Login, Email and CustomerID needed!
            # var, frontend, storage, shown (1=always,2=lite), required, storage-type, http-link, readonly, http-link-target, link class(es)
            [ 'UserTitle',        Translatable('Title or salutation'), 'title',          1, 0, 'var', '', 0, undef, undef ],
            [ 'UserFirstname',    Translatable('Firstname'),           'first_name',     1, 1, 'var', '', 0, undef, undef ],
            [ 'UserLastname',     Translatable('Lastname'),            'last_name',      1, 1, 'var', '', 0, undef, undef ],
            [ 'UserLogin',        Translatable('Username'),            'login',          1, 1, 'var', '', 0, undef, undef ],
            [ 'UserPassword',     Translatable('Password'),            'pw',             0, 0, 'var', '', 0, undef, undef ],
            [ 'UserEmail',        Translatable('Email'),               'email',          1, 1, 'var', '', 0, undef, undef ],
#            [ 'UserEmail',        Translatable('Email'),               'email',          1, 1, 'var', '[% Env("CGIHandle") %]?Action=AgentTicketCompose;ResponseID=1;TicketID=[% Data.TicketID | uri %];ArticleID=[% Data.ArticleID | uri %]', 0, '', 'AsPopup OTRSPopup_TicketAction' ],
            [ 'UserCustomerID',   Translatable('CustomerID'),          'customer_id',    0, 1, 'var', '', 0, undef, undef ],
#            [ 'UserCustomerIDs',  Translatable('CustomerIDs'),         'customer_ids',   1, 0, 'var', '', 0, undef, undef ],
            [ 'UserPhone',        Translatable('Phone'),               'phone',          1, 0, 'var', '', 0, undef, undef ],
            [ 'UserFax',          Translatable('Fax'),                 'fax',            1, 0, 'var', '', 0, undef, undef ],
            [ 'UserMobile',       Translatable('Mobile'),              'mobile',         1, 0, 'var', '', 0, undef, undef ],
            [ 'UserStreet',       Translatable('Street'),              'street',         1, 0, 'var', '', 0, undef, undef ],
            [ 'UserZip',          Translatable('Zip'),                 'zip',            1, 0, 'var', '', 0, undef, undef ],
            [ 'UserCity',         Translatable('City'),                'city',           1, 0, 'var', '', 0, undef, undef ],
            [ 'UserCountry',      Translatable('Country'),             'country',        1, 0, 'var', '', 0, undef, undef ],
            [ 'UserComment',      Translatable('Comment'),             'comments',       1, 0, 'var', '', 0, undef, undef ],
            [ 'ValidID',          Translatable('Valid'),               'valid_id',       0, 1, 'int', '', 0, undef, undef ],

            # Dynamic field example
#            [ 'DynamicField_Name_X', undef, 'Name_X', 0, 0, 'dynamic_field', undef, 0, undef, undef ],
        ],

        # default selections
        Selections => {

#            UserTitle => {
#                'Mr.' => Translatable('Mr.'),
#                'Mrs.' => Translatable('Mrs.'),
#            },
        },
    };
root
Administrator
Posts: 3934
Joined: 18 Dec 2007, 12:23
Znuny Version: Znuny and Znuny LTS
Real Name: Roy Kaldung
Company: Znuny
Contact:

Re: DB Kundenanmeldung für externe und SSO für interne Mitarbeiter

Post by root »

kleinemeise wrote: 09 Sep 2021, 14:03 Hallo Leute,

wir nutzen das Kundeninterface aktuell für unsere internen Mitarbeiter, welche per SSO automatisch an Kundeninterface angemeldet werden - Apache und OTRS laufen da super

Jetzt müssen in Zukunft aber auch externe Kunden auf das Kundeninterface zulassen. Diese Kunden lege ich in der DB von OTRS an.
Leider funktioniert das aber nicht. Die Zugangsdaten werden nicht angenommen. Nur AD Daten funktionieren.

Meine Konfig sieht aktuell so aus:

Code: Select all

$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::HTTPBasicAuth';
$Self->{'Customer::AuthModule::HTTPBasicAuth::ReplaceRegExp'} ='@DOMAIN.INTERN';	

$Self->{'Customer::AuthModule1'} = 'Kernel::System::CustomerAuth::DB';
$Self->{'Customer::AuthModule::DB::Table1'} = 'customer_user';
$Self->{'Customer::AuthModule::DB::CustomerKey1'} = 'login';
$Self->{'Customer::AuthModule::DB::CustomerPassword1'} = 'pw';
Wo finde ich das OTRS log, um etwas zu forschen?
Geht es überhaupt, dass OTRS prüft -> ah da kommt einer nicht aus der Domain - dann suche ich in meiner lokalen DB?
Hi,

wo geben die externen denn Ihre Zugangsdaten ein? In dem Popup vom Browser? Das Require valid-user erwartet halt einen gültigen User der sich gegen dad AD authentifiziert. Per Kerberos oder alternativ mit Benutzername/Kennwort - und zwar vom AD. Zur Authentifizierung gegen das DB Backend kommt es erst gar nicht.

- Roy
Znuny and Znuny LTS running on CentOS / RHEL / Debian / SLES / MySQL / PostgreSQL / Oracle / OpenLDAP / Active Directory / SSO

Use a test system - always.

Do you need professional services? Check out https://www.znuny.com/

Do you want to contribute or want to know where it goes ?
Post Reply