Login error to Gerrit : Server Error , Version 3.8.1
266 views
Skip to first unread message
Guy Levkowitz
Mar 31, 2024, 9:15:49 AM3/31/24
to Repo and Gerrit Discussion
Hey
We have 3 new developers (in the company)that tries to login to the Gerrit UI
and they get the error of Server Error (attached form developer tool via Chrome)
Our Server define LDAP Authentication, all are working fine, except those 3 new developers
nothing can be see in the error log
We have anther server which using for staging (upgrade check test and more) which define with the same LDAP configuration as our production - on the Staging server those 3 developer can login.
On other system that has also LDAP with the same definition also those 3 developers can login , the problem just on our Production server - what can be done ?
Any Idea
Any Idea
Maybe needs to run :
gerrit flush-caches --cache accounts
Maybe it can help ?
will be glad for help
gerrit flush-caches --cache accounts
Maybe it can help ?
will be glad for help
thanks
Guy Levkowitz
Michael Nazzareno Trimarchi
Mar 31, 2024, 10:59:25 AM3/31/24
to Guy Levkowitz, Repo and Gerrit Discussion
Hi
Is possible that those developers has name with some not standard char in the name?
Like Ñiki
Michael
--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en
---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/repo-discuss/ebbeb8c7-1d33-4443-8273-43fccfe79ea4n%40googlegroups.com.
Guy Levkowitz
Mar 31, 2024, 2:35:13 PM3/31/24
to Repo and Gerrit Discussion
I don't think so, we are using only English names characters.
Also when i run the ldapsearch command in Linux on my user and their it get the same output - which all ok and it found it
As i wrote on anther server of Gerrit - which is our Gerrit-stg it works fine , the same LDAP configuration - this is first time it happen- in my 5 Years working with Gerrit :-(
ב-יום ראשון, 31 במרץ 2024 בשעה 17:59:25 UTC+3, Michael Nazzareno Trimarchi כתב/ה:
Guy Levkowitz
Apr 1, 2024, 2:51:56 AM4/1/24
to Repo and Gerrit Discussion
We have also script that add the public key automatically to the SSH Key via command curl (and the error below) :
curl -v -X POST -u <username> -H "Content-Type: text/plain" -d "@C:\Users\<username>amitpaz\.ssh\id_rsa.pub" -k https://<servername>.com:8443/a/accounts/<username>/sshkeys
Enter host password for user '<username>':
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 194.29.37.91:8443...
* Connected to <server>.com (IP) port <number> (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: ...
* start date: Aug 28 07:35:13 2022 GMT
* expire date: Aug 27 07:35:13 2024 GMT
* issuer:
* SSL certificate verify result: self signed certificate in certificate chain
* Server auth using Basic with user 'username'
> POST /a/accounts/username/sshkeys HTTP/1.1
> Host: gerrit.com:port
> Authorization: Basic
> User-Agent: curl/7.74.0
> Accept: */*
> Content-Type: text/plain
> Content-Length: 575
>
* upload completely sent off: 575 out of 575 bytes
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="Gerrit Code Review"
< Content-Type: text/plain;charset=iso-8859-1
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: Mon, 01 Jan 1990 00:00:00 GMT
< Date: Mon, 01 Apr 2024 06:00:45 GMT
< Content-Length: 12
<
Unauthorized* Connection #0 to host <gerrit>.com left intact
curl -v -X POST -u <username> -H "Content-Type: text/plain" -d "@C:\Users\<username>amitpaz\.ssh\id_rsa.pub" -k https://<servername>.com:8443/a/accounts/<username>/sshkeys
Enter host password for user '<username>':
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 194.29.37.91:8443...
* Connected to <server>.com (IP) port <number> (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: ...
* start date: Aug 28 07:35:13 2022 GMT
* expire date: Aug 27 07:35:13 2024 GMT
* issuer:
* SSL certificate verify result: self signed certificate in certificate chain
* Server auth using Basic with user 'username'
> POST /a/accounts/username/sshkeys HTTP/1.1
> Host: gerrit.com:port
> Authorization: Basic
> User-Agent: curl/7.74.0
> Accept: */*
> Content-Type: text/plain
> Content-Length: 575
>
* upload completely sent off: 575 out of 575 bytes
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Mark bundle as not supporting multiuse
< HTTP/1.1 401 Unauthorized
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic realm="Gerrit Code Review"
< Content-Type: text/plain;charset=iso-8859-1
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: Mon, 01 Jan 1990 00:00:00 GMT
< Date: Mon, 01 Apr 2024 06:00:45 GMT
< Content-Length: 12
<
Unauthorized* Connection #0 to host <gerrit>.com left intact
Any Idea ?
ב-יום ראשון, 31 במרץ 2024 בשעה 21:35:13 UTC+3, Guy Levkowitz כתב/ה:
Guy Levkowitz
Apr 1, 2024, 9:10:59 AM4/1/24
to Repo and Gerrit Discussion
Looking at the log:
com.google.gerrit.httpd.ProjectBasicAuthFilter : Authentication failed for amitpaz: account inactive or not provisioned in Gerrit
com.google.gerrit.httpd.ProjectBasicAuthFilter : Authentication failed for amitpaz: account inactive or not provisioned in Gerrit
ב-יום שני, 1 באפריל 2024 בשעה 09:51:56 UTC+3, Guy Levkowitz כתב/ה:
Guy Levkowitz
Apr 2, 2024, 2:08:00 AM4/2/24
to Repo and Gerrit Discussion
fix by :
mv /git/All-Users.git/packed-refs.lock /git/All-Users.git/packed-refs.old
mv /git/All-Users.git/packed-refs.lock /git/All-Users.git/packed-refs.old
ב-יום שני, 1 באפריל 2024 בשעה 16:10:59 UTC+3, Guy Levkowitz כתב/ה:
Matthias Sohn
Apr 2, 2024, 3:16:17 AM4/2/24
to Guy Levkowitz, Repo and Gerrit Discussion
On Tue, Apr 2, 2024 at 8:08 AM Guy Levkowitz <sil...@gmail.com> wrote:
fix by :
mv /git/All-Users.git/packed-refs.lock /git/All-Users.git/packed-refs.old
You may end up with such a stale lock file if Gerrit crashed while having locked a ref
To view this discussion on the web visit https://groups.google.com/d/msgid/repo-discuss/59c8ce9c-92ec-43f0-8dc1-b9abef8145f7n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages