RTC and GIT integration using Nodejs: authentication LDAP
Hi all,
please! Someone has been able to set up correctly the RTC integration with GIT using the new hooks based on Nodejs?
I need help!
I've RTC 6.0.2 on RHEL 6.2 and I've followed all wiki pages and official guides of RTC for 6.0.2.
My properties configuration of LDAP authorization for NodeJS doesn't work.
My RTC configuration for LDAP instead works always fine (since many years).
Nodejs starts well.
I would like to know if anyone has succed in it and get some advice from him.
Many thanks in advance
Alberto
|
Accepted answer
Hi Alberto
Yes we have got it working with different LDAP servers. What is your LDAP server? Microsoft AD?
Please share your ldap config from config.json.
Also, how are you testing if the LDAP configuration is successful?
When you access the Nodejs link and authenticate, if the login is successful a blank page comes up and if not the Login prompt re-appears.
Regards
Shubjit
Alberto Teodoro selected this answer as the correct answer
Comments
Alberto Teodoro
commented Feb 16 '17, 1:42 a.m.
Hi Shubjit,
many thanks ;-)
I've Microsoft AD.
Actually, when I access to my Git repo via Nodejs, I receive a blank page with the lonely word "Unauthorized".
My case:
I really hope you could help me.
Many many thanks in advance.
Ciao
Alberto
Shubjit Naik
commented Feb 16 '17, 4:26 a.m.
Hi Alberto
1. I see a small config change is needed for searchFilter
Change From
"searchFilter": "(uid={{sAMAccountName}})",
TO
"searchFilter": "(sAMAccountName={{username}})",
2. The URL being accessed should match you "Git-URL-Prefixes" , as per your config it is /git so your URL would be
Alberto Teodoro
commented Feb 16 '17, 6:56 a.m.
Hi Shubjit,
now it seems better:
And I've also given all permission by RTC side, also if I should be expected to have the message CRRTC8814E only for the BASIC mode, not for the LDAP mode.
Ciao
Alberto
Shubjit Naik
commented Feb 16 '17, 7:04 a.m.
Hi Alberto
Since all the hooks are in place, can you run through the use case in the following article and see how it works? Accessing the GIT URL is not needed for now, as the changes would be redirected from nodejs and displayed within RTC>
The section "Testing the integration" is what you could try and see if you are able to link Git Commits to RTC Work Item.
Alberto Teodoro
commented Feb 16 '17, 9:03 a.m.
Hi Shubjit,,
1) now I've the problem, from the browser, when I type http://server01v.rete.test/almsvil/rtcgit.git: I can't find the git repo; when I have my authorization, I receive the response "file not found"; in my config.json I've the following properties:
2) So, the authorization is made by LDAP, but only if the user is member of the RTC Project? I've right understood?Many thanks HShubjit, Alberto
Alberto Teodoro
commented Feb 16 '17, 10:31 a.m.
Hi Shubjit,
Shubjit Naik
commented Feb 16 '17, 12:13 p.m.
Hi Alberto
For the questions on the previous comment, Since the Git-URL-Prefix is set to /git/almsvil , your git repo URL would be http://server01v.rete.test/git/almsvil/rtcgit.git
Git-Repositories-Root-Dir seems to set right, it is the location of your git repos, it does not a direct relation to the git URL.
Are you able to register the git repo URL in RTC?
Alberto Teodoro
commented Feb 16 '17, 12:36 p.m.
Hi Shubjit,
Shubjit Naik
commented Feb 16 '17, 1:12 p.m.
Hi Alberto
The path seems fine, the git user should have read/write access to this directory. The path on my setup is /opt/gitrepo.
The warning you see if due to the git config not updated with the key from RTC.
Section "Setup: Configuring the Git repository" from the article has the steps on it.
Alberto Teodoro
commented Feb 16 '17, 7:00 p.m.
Hi Shubjit,
Shubjit Naik
commented Feb 16 '17, 11:44 p.m.
Great, thanks for the update Alberto.
showing 5 of 11
show 6 more comments
|
One other answer
{
"_Comment": "The is an example configuration file used by the Node application. This file is in JSON format and every property (say, X) has a corresponding description property (X-Description), which provides a simple explanation about the property itself. To start using this file, fill in the required fields and delete this property from the file.",
"Version": 1,
"Version-Description": "Version number of this config file",
"Server-Use-HTTPS": false,
"Server-Use-HTTPS-Description": "Boolean value that determines whether to use secure socket layer for HTTP communication",
"Server-Key-File-Path": "",
"Server-Key-File-Path-Description": "Absolute Path on the server to the server key file; MUST when HTTPS protocol is to be used",
"Server-Certificate-File-Path": "",
"Server-Certificate-File-Path-Description": "Absolute Path on the server to the certificate file; MUST when HTTPS protocol is to be used",
"Server-Setup-HTTP-Redirector": true,
"Server-Setup-HTTP-Redirector-Description": "Boolean value that determines if an HTTP listener has to be setup; this listener simply diverts the incoming requests to same endpoint over HTTPS",
"Server-Port": 80,
"Server-Port-Description": "Integer value that defines the port on which the server has to listen to",
"Server-Socket-Timeout": 180000,
"Server-Socket-Timeout-Description": "Timeout (in milliseconds) to be set for socket connection. Default is 3 minutes. Set to 0 for indefinite.",
"Git-Executable-Path": "git",
"Git-Executable-Path-Description": "Absolute path to the git executable on the server; provide the absolute path, if 'git' is not found on the PATH environment variable",
"Git-Repositories-Root-Dir": "/dati/git/almsvil/",
"Git-Repositories-Root-Dir-Description": "Absolute path to the directory on the server where the Git repositories are located",
"Git-Use-NodeGit": true,
"Git-Use-NodeGit-Description": "Boolean Value that determines if nodegit module is to be used for operating on Git repositories. Setting to true implies that nodegit module is installed and is available to this server.",
"Auth-Profiles": {
"Ldap-1": {
"type": "LDAP",
"url": "ldap://rete.test:389",
"bindDn": "CN=USR_LDAP,OU=Service Account,DC=rete,DC=test",
"bindCredentials": "LDAPpassword",
"searchBase": "DC=rete,DC=test",
"searchFilter": "(uid={{sAMAccountName}})",
"searchAttributes": null
},
"Basic-1": {
"type": "BASIC",
"method": "GET"
}
},
"Auth-Profiles-Description": "Set of authentication profiles available. It is a map - with the profile name itself being the key, and the properties being the value. The value object must contain 'type' property as one of 'LDAP', 'BASIC' (Please note that it is case-sensitive). In case of LDAP authentication, the value object should have properties pertaining LDAP authentication. Some basic properties are listed here. However, you can add others if needed. The list of properties is documented here: https://github.com/vesse/node-ldapauth-fork#ldapauth-config-options. In case of BASIC authentication, the value object should have 'url' and 'method' properties against which the HTTP Basic authentication is done. If 'method' property is absent, 'GET' is assumed.",
"Git-URL-Prefixes": {
"/git": {
"authProfile": "Ldap-1"
}
},
"Git-URL-Prefixes-Description": "Set of URL prefixes to be considered for the Git request. It is a map - with the prefix itself being the key, and the properties being the value. Right now the only supported property is 'authProfile' and its value can be one of the profile names in 'Auth-Profiles' configuration property. If 'authProfile' property is defined, the corresponding auth profile is applied; otherwise, no authentication is performed. In this case for example, the auth profile 'Ldap-1' will be applied for a Git repository having a url http://gitserver:9999/git/MyRepo.git since /git is the prefix to the git repository MyRepo.git"
}
Comments
Shubjit Naik
commented Feb 16 '17, 4:26 a.m.
Hi Alberto
1. I see a small config change is needed for searchFilter
Change From
"searchFilter": "(uid={{sAMAccountName}})",
TO
"searchFilter": "(sAMAccountName={{username}})",
2. The URL being accessed should match you "Git-URL-Prefixes" , as per your config it is /git so your URL would be
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.