LDAP auth is working with test_ldap_connection but not through the web login
238 views
Skip to first unread message
Dominick Rivard
Apr 4, 2012, 2:00:31 PM4/4/12
to gito...@googlegroups.com
Hi,
I am trying to hook my gitorious server to LDAP (Microsoft Active Directory) and I am unable to connect through the web interface.
script/test_ldap_connection 'drivard' '*******'
it returns
All good, your credentials are correct
So I restarted the hole server to be sure every new settings was taken care of:
/etc/init.d/git-daemon stop/etc/init.d/git-ultrasphinx stop/etc/init.d/activemq stop/etc/init.d/git-poller stop/etc/init.d/apache2 stop/etc/init.d/git-daemon start/etc/init.d/git-ultrasphinx start/etc/init.d/activemq start/etc/init.d/git-poller start/etc/init.d/apache2 start
The authentication.yml file looks like this:
production:disable_default: truemethods:- adapter: Gitorious::Authentication::LDAPAuthenticationhost: 10.255.1.15port: 389base_dn: CN=Users,DC=example,DC=comlogin_attribute: CNattribute_mapping:name: fullnamemail: emailencryption: none
In our Active Directory the mail attribute is our email and the name attribute is our fullname.
I don't know what is different from the test script and the web login.
The exception email notification looks like this :
A ActiveRecord::RecordInvalid occurred in sessions#create:
Validation failed: Login is invalid[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/validations.rb:1090:in `save_without_dirty!'-------------------------------Request:-------------------------------* URL : https://git.example.com/sessions* IP address: 172.30.36.27* Parameters: {"authenticity_token"=>"olo1QV+BHzGFqQFFIlFga7bEp150SL6PYrtIns+8tgU=", "commit"=>"Log in", "email"=>"dominick rivard", "controller"=>"sessions", "action"=>"create", "openid_url"=>"", "method"=>:get, "password"=>"[FILTERED]"}* Rails root: /var/www/gitorious-------------------------------Session:-------------------------------* session: {:session_id=>"e9275d2f0f80d645e5ae8d2dc33a8ff5", :_csrf_token=>"olo1QV+BHzGFqQFFIlFga7bEp150SL6PYrtIns+8tgU=", "flash"=>{:error=>"Email and/or password did not match, please try again."}}-------------------------------Environment:-------------------------------* CONTENT_LENGTH : 135* CONTENT_TYPE : application/x-www-form-urlencoded* DOCUMENT_ROOT : /var/www/gitorious/public* HTTPS : on* HTTP_ACCEPT : text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8* HTTP_ACCEPT_CHARSET : ISO-8859-1,utf-8;q=0.7,*;q=0.3* HTTP_ACCEPT_ENCODING : gzip,deflate,sdch* HTTP_ACCEPT_LANGUAGE : fr-CA,fr;q=0.8,en-GB;q=0.6,en;q=0.4,en-US;q=0.2* HTTP_CACHE_CONTROL : max-age=0* HTTP_CONNECTION : keep-alive* HTTP_COOKIE : _gitorious_sess=BAh7CDoPc2Vzc2lvbl9pZCIlZTkyNzVkMmYwZjgwZDY0NWU1YWU4ZDJkYzMzYThmZjU6EF9jc3JmX3Rva2VuIjFvbG8xUVYrQkh6R0ZxUUZGSWxGZ2E3YkVwMTUwU0w2UFlydElucys4dGdVPSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsGOgplcnJvciI7RW1haWwgYW5kL29yIHBhc3N3b3JkIGRpZCBub3QgbWF0Y2gsIHBsZWFzZSB0cnkgYWdhaW4uBjoKQHVzZWR7BjsIVA%3D%3D--90698d4792cf9b8282ea2efd1826a18cd6bafdfb* HTTP_HOST : git.example.com* HTTP_ORIGIN : https://git.example.com* HTTP_REFERER : https://git.example.com/sessions* HTTP_USER_AGENT : Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.142 Safari/535.19* PASSENGER_CONNECT_PASSWORD : [FILTERED]* PATH_INFO : /sessions* QUERY_STRING :* REMOTE_ADDR : 172.30.36.27* REMOTE_PORT : 4107* REQUEST_METHOD : POST* REQUEST_URI : /sessions* SCRIPT_NAME :* SERVER_ADDR : 172.30.50.42* SERVER_ADMIN : nor...@example.com* SERVER_NAME : git.example.com* SERVER_PORT : 443* SERVER_PROTOCOL : HTTP/1.1* SERVER_SOFTWARE : Apache/2.2.16 (Debian)* SSL_TLS_SNI : git.example.com* _ : _* action_controller.request.path_parameters : actioncreatecontrollersessionsmethodget* action_controller.request.query_parameters :* action_controller.request.request_parameters: commitLog inauthenticity_tokenolo1QV+BHzGFqQFFIlFga7bEp150SL6PYrtIns+8tgU=emaildominick rivardopenid_urlpasswordcaroli01* action_controller.rescue.request : #<ActionController::Request:0x6fa29a8>* action_controller.rescue.response : #<ActionController::Response:0x6fa2980>* rack.errors : #<IO:0xdde9b0>* rack.input : #<PhusionPassenger::Utils::RewindableInput:0x6fcb448>* rack.multiprocess : true* rack.multithread : false* rack.request.cookie_hash : _gitorious_sessBAh7CDoPc2Vzc2lvbl9pZCIlZTkyNzVkMmYwZjgwZDY0NWU1YWU4ZDJkYzMzYThmZjU6EF9jc3JmX3Rva2VuIjFvbG8xUVYrQkh6R0ZxUUZGSWxGZ2E3YkVwMTUwU0w2UFlydElucys4dGdVPSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsGOgplcnJvciI7RW1haWwgYW5kL29yIHBhc3N3b3JkIGRpZCBub3QgbWF0Y2gsIHBsZWFzZSB0cnkgYWdhaW4uBjoKQHVzZWR7BjsIVA==--90698d4792cf9b8282ea2efd1826a18cd6bafdfb* rack.request.cookie_string : _gitorious_sess=BAh7CDoPc2Vzc2lvbl9pZCIlZTkyNzVkMmYwZjgwZDY0NWU1YWU4ZDJkYzMzYThmZjU6EF9jc3JmX3Rva2VuIjFvbG8xUVYrQkh6R0ZxUUZGSWxGZ2E3YkVwMTUwU0w2UFlydElucys4dGdVPSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNoSGFzaHsGOgplcnJvciI7RW1haWwgYW5kL29yIHBhc3N3b3JkIGRpZCBub3QgbWF0Y2gsIHBsZWFzZSB0cnkgYWdhaW4uBjoKQHVzZWR7BjsIVA%3D%3D--90698d4792cf9b8282ea2efd1826a18cd6bafdfb* rack.request.form_hash : commitLog inauthenticity_tokenolo1QV+BHzGFqQFFIlFga7bEp150SL6PYrtIns+8tgU=emaildominick rivardopenid_urlpasswordcaroli01* rack.request.form_input : #<PhusionPassenger::Utils::RewindableInput:0x6fcb448>* rack.request.form_vars : authenticity_token=olo1QV%2BBHzGFqQFFIlFga7bEp150SL6PYrtIns%2B8tgU%3D&email=dominick+rivard&password=caroli01&commit=Log+in&openid_url=* rack.request.query_hash :* rack.request.query_string :* rack.run_once : false* rack.session : session_ide9275d2f0f80d645e5ae8d2dc33a8ff5_csrf_tokenolo1QV+BHzGFqQFFIlFga7bEp150SL6PYrtIns+8tgU=flasherrorEmail and/or password did not match, please try again.* rack.session.options : domain.git.example.compath/key_session_idexpire_after1814400ide9275d2f0f80d645e5ae8d2dc33a8ff5httponlytrue* rack.url_scheme : https* rack.version : 10* Process: 7524* Server : gitorious.dv-------------------------------Backtrace:-------------------------------[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/validations.rb:1090:in `save_without_dirty!'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/dirty.rb:87:in `save_without_transactions!'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/transactions.rb:200:in `save!'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb:136:in `transaction'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/transactions.rb:182:in `transaction'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/transactions.rb:200:in `save!'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/transactions.rb:208:in `rollback_active_record_state!'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/transactions.rb:200:in `save!'[RAILS_ROOT]/lib/gitorious/authentication/ldap_authentication.rb:102:in `auto_register'[RAILS_ROOT]/lib/gitorious/authentication/ldap_authentication.rb:72:in `authenticate'[RAILS_ROOT]/lib/gitorious/authentication.rb:25:in `authenticate'[RAILS_ROOT]/lib/gitorious/authentication.rb:24:in `each'[RAILS_ROOT]/lib/gitorious/authentication.rb:24:in `authenticate'[RAILS_ROOT]/app/controllers/sessions_controller.rb:96:in `password_authentication'[RAILS_ROOT]/app/controllers/sessions_controller.rb:42:in `create'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:1331:in `send'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:1331:in `perform_action_without_filters'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/filters.rb:617:in `call_filters'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/filters.rb:610:in `perform_action_without_benchmark'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/benchmarking.rb:68:in `perform_action_without_rescue'[RAILS_ROOT]/vendor/rails/activesupport/lib/active_support/core_ext/benchmark.rb:17:in `ms'/opt/ruby-enterprise-1.8.7-2012.02/lib/ruby/1.8/benchmark.rb:308:in `realtime'[RAILS_ROOT]/vendor/rails/activesupport/lib/active_support/core_ext/benchmark.rb:17:in `ms'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/benchmarking.rb:68:in `perform_action_without_rescue'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/rescue.rb:160:in `perform_action_without_flash'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/flash.rb:146:in `perform_action'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:532:in `send'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:532:in `process_without_filters'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/filters.rb:606:in `process'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:391:in `process'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/base.rb:386:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/routing/route_set.rb:437:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/dispatcher.rb:87:in `dispatch'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/dispatcher.rb:121:in `_call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/dispatcher.rb:130:in `build_middleware_stack'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/query_cache.rb:29:in `call'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/query_cache.rb:29:in `call'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/connection_adapters/abstract/query_cache.rb:34:in `cache'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/query_cache.rb:9:in `cache'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/query_cache.rb:28:in `call'[RAILS_ROOT]/vendor/rails/activerecord/lib/active_record/connection_adapters/abstract/connection_pool.rb:361:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/string_coercion.rb:25:in `call'/opt/ruby-enterprise-1.8.7-2012.02/lib/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/head.rb:9:in `call'/opt/ruby-enterprise-1.8.7-2012.02/lib/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/methodoverride.rb:24:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/params_parser.rb:15:in `call'[RAILS_ROOT]/vendor/rails/railties/lib/rails/rack/metal.rb:47:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/session/cookie_store.rb:93:in `call'[RAILS_ROOT]/vendor/rails/activesupport/lib/active_support/cache/strategy/local_cache.rb:24:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/failsafe.rb:26:in `call'/opt/ruby-enterprise-1.8.7-2012.02/lib/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/lock.rb:11:in `call'/opt/ruby-enterprise-1.8.7-2012.02/lib/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/lock.rb:11:in `synchronize'/opt/ruby-enterprise-1.8.7-2012.02/lib/ruby/gems/1.8/gems/rack-1.0.1/lib/rack/lock.rb:11:in `call'[RAILS_ROOT]/vendor/rails/actionpack/lib/action_controller/dispatcher.rb:106:in `call'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/rack/request_handler.rb:96:in `process_request'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_request_handler.rb:513:in `accept_and_process_next_request'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_request_handler.rb:274:in `main_loop'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/classic_rails/application_spawner.rb:321:in `start_request_handler'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/classic_rails/application_spawner.rb:275:in `send'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/classic_rails/application_spawner.rb:275:in `handle_spawn_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/utils.rb:479:in `safe_fork'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/classic_rails/application_spawner.rb:270:in `handle_spawn_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:357:in `__send__'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:180:in `start'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/classic_rails/application_spawner.rb:149:in `start'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/spawn_manager.rb:219:in `spawn_rails_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server_collection.rb:132:in `lookup_or_add'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/spawn_manager.rb:214:in `spawn_rails_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server_collection.rb:82:in `synchronize'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/spawn_manager.rb:213:in `spawn_rails_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/spawn_manager.rb:132:in `spawn_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/spawn_manager.rb:275:in `handle_spawn_application'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:357:in `__send__'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:357:in `server_main_loop'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/lib/phusion_passenger/abstract_server.rb:206:in `start_synchronously'/opt/ruby-enterprise/lib/ruby/gems/1.8/gems/passenger-3.0.11/helper-scripts/passenger-spawn-server:99
Thank you!
Reply all
Reply to author
Forward
0 new messages