Defect #796

Active directory LDAP authentification broken.

Added by Sergej Jegorov almost 10 years ago. Updated over 9 years ago.

Status:ClosedStart date:2008-03-06
Priority:NormalDue date:
Assignee:Jean-Philippe Lang% Done:

0%

Category:Accounts / authentication
Target version:0.7
Resolution: Affected version:

Description

Active directory LDAP authentification is broken after svn update to r1198

If to change app/models/auth_source_ldap.rb to r1169 - AD LDAP auth works fine.

History

#1 Updated by Sergej Jegorov almost 10 years ago

production.log with debug

Processing AccountController#login (for 127.0.0.1 at 2008-03-06 16:32:30) [POST]
  Session ID: ae7fc8f0fe6b88f73affb24231a03ce0
  Parameters: {"action"=>"login", "username"=>"sergio", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Вход »"}
  Setting Columns (0.000977)   SHOW FIELDS FROM `settings`
  SQL (0.000140)   SELECT max(updated_on) AS max_updated_on FROM `settings`
  SQL (0.000961)   SHOW TABLES
  User Columns (0.001709)   SHOW FIELDS FROM `users`
  SQL (0.001026)   SHOW TABLES
  Project Columns (0.001378)   SHOW FIELDS FROM `projects`
  SQL (0.000965)   SHOW TABLES
  Issue Columns (0.001884)   SHOW FIELDS FROM `issues`
  SQL (0.000998)   SHOW TABLES
  SQL (0.000888)   SHOW TABLES
  SQL (0.000867)   SHOW TABLES
  AnonymousUser Columns (0.001769)   SHOW FIELDS FROM `users`
  AnonymousUser Load (0.000196)   SELECT * FROM `users` WHERE ( (`users`.`type` = 'AnonymousUser' ) ) LIMIT 1
  User Load (0.000712)   SELECT * FROM `users` WHERE (login='sergio') LIMIT 1
  AuthSource Columns (0.001738)   SHOW FIELDS FROM `auth_sources`
  AuthSource Load (0.000206)   SELECT * FROM `auth_sources` WHERE (`auth_sources`.`id` = 1)
  AuthSourceLdap Columns (0.001649)   SHOW FIELDS FROM `auth_sources`
Rendering template within layouts/base
Rendering account/login
  Setting Load (0.000245)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'autologin') LIMIT 1
  Setting Load (0.000155)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'lost_password') LIMIT 1
  Setting Load (0.000173)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'app_title') LIMIT 1
  Setting Load (0.000142)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'ui_theme') LIMIT 1
  Setting Load (0.000156)   SELECT * FROM `settings` WHERE (`settings`.`name` = 'self_registration') LIMIT 1
  Member Columns (0.001340)   SHOW FIELDS FROM `members`
  SQL (0.000206)   SELECT count(DISTINCT `members`.id) AS count_all FROM `members` LEFT OUTER JOIN `projects` ON `projects`.id = `members`.project_id LEFT OUTER JOIN `roles` ON `roles`.id = `members`.role_id WHERE (members.user_id = 2 AND (projects.status=1))
Completed in 0.57083 (1 reqs/sec) | Rendering: 0.07253 (12%) | DB: 0.02354 (4%) | 200 OK [http://redmine.elgama.lt/login]

#2 Updated by Sergej Jegorov almost 10 years ago

if app/models/auth_source_ldap.rb change revision to r1169 production.log shows:

Processing AccountController#login (for 127.0.0.1 at 2008-03-06 16:46:48) [POST]
  Session ID: ae7fc8f0fe6b88f73affb24231a03ce0
  Parameters: {"action"=>"login", "username"=>"sergio", "controller"=>"account", "password"=>"[FILTERED]", "login"=>"Вход »"}
  SQL (0.000190)   SELECT max(updated_on) AS max_updated_on FROM `settings`
  User Load (0.000760)   SELECT * FROM `users` WHERE (login='sergio') LIMIT 1
  AuthSource Columns (0.001855)   SHOW FIELDS FROM `auth_sources`
  AuthSource Load (0.000194)   SELECT * FROM `auth_sources` WHERE (`auth_sources`.`id` = 1)
  AuthSourceLdap Columns (0.001909)   SHOW FIELDS FROM `auth_sources`
DN found for sergio: CN=Sergej Jegorov,CN=Users,DC=elgama,DC=lt
Authentication successful for 'sergio'
  SQL (0.000146)   BEGIN
  User Update (0.001008)   UPDATE `users` SET `login` = 'sergio', `hashed_password` = '', `auth_source_id` = 1, `lastname` = 'Jegorov', `status` = 1, `mail_notification` = 0, `type` = NULL, `admin` = 1, `last_login_on` = '2008-03-06 16:46:49', `updated_on` = '2008-03-06 16:46:49', `language` = 'lt', `mail` = 'my@e-mail', `firstname` = 'Sergej', `created_on` = '2008-01-09 21:28:09' WHERE `id` = 6
  SQL (0.017064)   COMMIT
Redirected to http://redmine.elgama.lt/my/page
Completed in 0.15206 (6 reqs/sec) | DB: 0.02313 (15%) | 302 Found [http://redmine.elgama.lt/login]

#3 Updated by Jean-Philippe Lang almost 10 years ago

Do you specify a username/password on the LDAP setup screen or do you read it anonymously ?

#4 Updated by Sergej Jegorov almost 10 years ago

We use user/pass on the AD Domain controller (no anonymous). We don't use LDAPS, and "Test connection" link Show sucseeful message.

#5 Updated by Jean-Philippe Lang almost 10 years ago

  • Status changed from New to Resolved

My fault. Fix is committed in r1199.

#6 Updated by Sergej Jegorov almost 10 years ago

This is Works fine!

Thank yor very mach.

#7 Updated by Jean-Philippe Lang over 9 years ago

  • Status changed from Resolved to Closed
  • Target version set to 0.7

Also available in: Atom PDF