Make OTRS Customers to authenticate against Joomla

Details
Category: Technology
Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive

OTRS is one of the best open source service desk software I have ever seen. This software claims to be compatible with 6 ITIL processes, which it is more than amazing. I have been using OTRS since release 3 if I remember for good, and because of that, I have had done little patches to make it work as I want.

You should know I love Joomla as CMS, this blog is done with it. My enterprise website is using Joomla as well, and we must use OTRS as our elected ticketing system. A user in the Joomla website is a customer in the OTRS system. So, it must authenticate to log into the user portal. Joomla uses other crypt hash for its passwords, so I am going to talk here how I make it work.

I will assume you have a working Joomla 3.4 and OTRS 4 or better.

Apply the following patch. Edit it manually if it doesn't work out of the box. 

--- Kernel/System/CustomerAuth/DB.pm.orig       2015-02-24 18:13:39.000000000 -0500
+++ Kernel/System/CustomerAuth/DB.pm    2015-02-26 18:53:43.000000000 -0500
@@ -48,6 +48,8 @@ sub new {
        || die "Need CustomerAuthModule::DB::CustomerPw$Param{Count} in Kernel/Config.pm!";
    $Self->{CryptType} = $ConfigObject->Get( 'Customer::AuthModule::DB::CryptType' . $Param{Count} )
        || '';
+    $Self->{SQL} = $ConfigObject->Get( 'Customer::AuthModule::DB::SQL' . $Param{Count} )
+        || '';

    if ( $ConfigObject->Get( 'Customer::AuthModule::DB::DSN' . $Param{Count} ) ) {
        $Self->{DBObject} = Kernel::System::DB->new(
@@ -112,7 +114,7 @@ sub Auth {

    # sql query
    $Self->{DBObject}->Prepare(
-        SQL => "
+        SQL => $Self->{SQL}?$Self->{SQL}:"
            SELECT $Self->{Pw}, $Self->{Key} FROM $Self->{Table} WHERE
            $Self->{Key} = ?
            ",
@@ -148,8 +150,17 @@ sub Auth {
    # md5 or sha pw
    elsif ( $GetPw !~ /^.{13}$/ ) {

+       # bcrypt variant
+        if ( $GetPw =~ m{\A\$2[ay]?\$[0-9]{2}\$[./A-Za-z0-9]{22}}xms ) {
+           use Crypt::Eksblowfish::Bcrypt qw(bcrypt_hash bcrypt);
+            my ( $Cost, $Salt ) = $GetPw =~ m{^\$2[ay]?\$([0-9]{2})\$([./A-Za-z0-9]{22})}xms;
+            $EncodeObject->EncodeOutput( \$Pw );
+           $CryptedPw = bcrypt( $Pw, '$2y$'.$Cost.'$'.$Salt );
+            $EncodeObject->EncodeInput( \$CryptedPw );
+       }
+
        # md5 pw
-        if ( $GetPw =~ m{\A \$.+? \$.+? \$.* \z}xms ) {
+        elsif ( $GetPw =~ m{\A \$.+? \$.+? \$.* \z}xms ) {

            # strip Salt
            $Salt =~ s/^(\$.+?\$)(.+?)\$.*$/$2/;

Edit your Config.pm file and point to your Joomla database, check the $Self->{'DatabaseUser'} parameter.

To finish, install the Crypt::Eksblowfish::Bcrypt Perl package, you can install it from my RPM repository.

Enjoy!

blog comments powered by Disqus

Most Read Posts in Technology

Last Articles

About

Read about IT, Migration, Business, Money, Marketing and other subjects.

Some subjects: FusionPBX, FreeSWITCH, Linux, Security, Canada, Cryptocurrency, Trading.