I'm not familiar with supervisord. I would expect the print output to
show up in your stdout_logfile ... but only after a restart of
supervisord (or your Kallithea service).
Do you see other output in the log? What?
Perhaps instead try
log.error('Got ldap DN response %s: %r', user_dn, ldap_attrs)
Perhaps also try temporarily running gearbox in the foreground as the
Kallithea user, just for testing.
(Others with a working AD/LDAP setup can perhaps also help out testing.)
/Mads
On 3/5/20 5:41 PM, Reuben Popp wrote:
Okay, so I added that line, along with an additional line above it to
print my name as a placeholder, but I'm not seeing this in the stdout
file (I'm running kallithea using supervisord). Is there something
else I need to do or add to my.ini?
Thanks again
On Thu, Mar 5, 2020 at 9:48 AM Mads Kiilerich <[email protected]
<mailto:[email protected]>> wrote:
On 3/5/20 4:29 PM, Reuben Popp wrote:
Good morning Mads (or afternoon as the case may be where you're at).
My apologies that the report was so sparse. When I wrote it, I
was neck deep in the middle of trying to get things set up for
our architects to trial Kallithea.
Yes, this was the default branch downloaded from the bitbucket
mirror on February 25th.
My original report and fix were incorrect. With it in place,
what I noticed was that while an Active Directory account could
log in, it would prevent me from logging in using the (local)
kallithea admin account. My best guess here, being a relatively
new python noob is that in the case of the kallithea admin
account, the email was a string literal, which would then fail
because there was no decode() method. On the other hand, it
would work for a byte string such as that coming from AD.
That said, the following works for both AD and the local
kallithea account:
--- lib/helpers.py 2020-02-25 11:18:44.000000000 -0600
+++ lib/helpers.py.new 2020-03-05 09:11:30.394700849 -0600
@@ -951,6 +951,9 @@
if email_address == _def:
return default
+ if isinstance(email_address, bytes):
+ email_address = email_address.decode('utf-8')
+
parsed_url = urllib.parse.urlparse(url.current(qualified=True))
url = (c.visual.gravatar_url or User.DEFAULT_GRAVATAR_URL) \
.replace('{email}', email_address) \
One thing of note though, and I think this is a deeper issue, as
you said, and that's when I look at any AD user account in
kallithea, each field (eg, first, last, etc) is enclosed in the
byte (?) field delimiter. eg: b'Reuben' b'Popp'
Yes, the problem seems to be that values retrieved from LDAP are
byte encoded. They should be decoded in auth_ldap. But probably
only some of the values. I would thus still need
Can you try this and report back when it prints out when you
log in
using AD/LDAP?
--- kallithea/lib/auth_modules/auth_ldap.py
+++ kallithea/lib/auth_modules/auth_ldap.py
@@ -326,6 +326,7 @@ class KallitheaAuthPlugin(auth_modules.K
aldap = AuthLdap(**kwargs)
(user_dn, ldap_attrs) =
aldap.authenticate_ldap(username,
password)
log.debug('Got ldap DN response %s', user_dn)
+ print(ldap_attrs)
def get_ldap_attr(k):
return ldap_attrs.get(settings.get(k), [''])[0]
/Mads
_______________________________________________
kallithea-general mailing list
[email protected]
https://lists.sfconservancy.org/mailman/listinfo/kallithea-general
