I found the problem. I am using OpenLDAP for UNIX systems, the
combination which generally uses RFC2307bis mappings (also called the
NIS schema sometimes). Anyway, the reviewboard code assumes RFC2307 AD
mappings, which usually offers the first and last names as 'givenName'
and 'sn'. In the UNIX world, these are both simply in the 'gecos'
field and must be further extracted, as in the NIS case. It is these
missing fields that is causing the process to fail. When I set these
to fixed strings in the code, the initial and subsequent logins work:

first_name = "Joe"
last_name = "User"

instead of:

first_name = passwd[0][1]['givenName'][0]
last_name = passwd[0][1]['sn'][0]

The gecos field is similarly available:

gecos = passwd[0][1]['gecos'][0]

... but again, it must be further processed.

I'd offer a patch, but I'd rather leave it to the maintainer to decide
how s/he wants to handle this case.

Brian

On Nov 3, 5:17 pm, "Christian Hammond" <[EMAIL PROTECTED]> wrote:
> So, the one LDAP exception handler I didn't add logging to was the
> "INVALID_CREDENTIALS" handler. This is thrown if the user's login/password
> are invalid, *or* if the user mask string isn't correct. I'd imagine it's
> probably the latter. Sure there's no typos or anything?
>
> Christian
>
> --
> Christian Hammond - [EMAIL PROTECTED]
> VMware, Inc.
>
> On Mon, Nov 3, 2008 at 5:14 PM, Brian Hill <[EMAIL PROTECTED]> wrote:
>
> > I checked out the latest reviewboard and enabled logging. I see the
> > log, but it contains very little detail - only INFO lines and nothing
> > related to my failed LDAP logins. Is there some way to increase the
> > verbosity that I missed?
>
> > 2008-11-03 17:10:43,002 - INFO - Logging to /tmp/reviewboard.log with
> > a minimum level of DEBUG
> > 2008-11-03 17:10:43,002 - INFO - Log file for Review Board v0.9
> > 2008-11-03 17:10:43,649 - INFO - Logging to /tmp/reviewboard.log with
> > a minimum level of DEBUG
> > 2008-11-03 17:10:43,649 - INFO - Log file for Review Board v0.9
> > ...
>
> > Brian
>
> > On Oct 30, 11:03 pm, "Christian Hammond" <[EMAIL PROTECTED]> wrote:
> > > Okay, these are in. Hopefully it will tell you what's going wrong, or at
> > > least give you some error message you can use as a basis in your
> > diagnosis.
> > > Let me know.
>
> > > Christian
>
> > > --
> > > Christian Hammond - [EMAIL PROTECTED]
> > > VMware, Inc.
>
> > > On Thu, Oct 30, 2008 at 5:42 PM, Christian Hammond <[EMAIL PROTECTED]
> > >wrote:
>
> > > > I don't know how your python knowledge is, but it might be useful to
> > open
> > > > up accounts/backends.py and do some logging in the error handlers, find
> > out
> > > > what it is that's failing.
>
> > > > I'll try to get some logging in for the error cases later today.
>
> > > > Christian
>
> > > > --
> > > > Christian Hammond - [EMAIL PROTECTED]
> > > > VMware, Inc.
>
> > > > On Thu, Oct 30, 2008 at 4:33 PM, Brian Hill <[EMAIL PROTECTED]> wrote:
>
> > > >> 1) If I repeatedly clear the browser cache (Firefix 3.0.3 / Windows &
> > > >> IE 7), the settings appear as the defaults, but it is seems pretty
> > > >> clear that caching is causing a lot of this.
>
> > > >> 2) In any case, I cannot get an LDAP users to authenticate. I clearly
> > > >> see the LDAP traffic generated by reviewboard (with tcpdump), but
> > > >> that's the extent of any success with the settings.
>
> > > >> Thanks for puting the effort into this...
>
> > > >> Brian
>
> > > >> On Oct 30, 3:57 pm, "Christian Hammond" <[EMAIL PROTECTED]> wrote:
> > > >> > Okay, so the wrong settings are showing up after hitting Save, but
> > if
> > > >> you
> > > >> > navigate back to that page what do you see? What about after
> > restarting
> > > >> the
> > > >> > server?
>
> > > >> > LDAP users don't need an existing account on Review Board. Assuming
> > the
> > > >> LDAP
> > > >> > configuration is correct, the LDAP backend should Just Work,
> > creating
> > > >> users
> > > >> > in the database when a user successfully logs in the first time, and
> > > >> > validating their password against the LDAP server on each login.
>
> > > >> > I think I may know the reason behind the settings not appearing to
> > be
> > > >> saved.
> > > >> > I'll need to do some work into investigating why this is happening.
> > > >> However,
> > > >> > if LDAP is actually set in the SiteConfiguration settings list and
> > all
> > > >> the
> > > >> > values are correct, then we're looking at something different there.
>
> > > >> > I'll work to add some logging to the LDAP module and see if we can
> > > >> narrow it
> > > >> > down.
>
> > > >> > Christian
>
> > > >> > --
> > > >> > Christian Hammond - [EMAIL PROTECTED]
> > > >> > VMware, Inc.
>
> > > >> > On Thu, Oct 30, 2008 at 3:48 PM, Brian Hill <[EMAIL PROTECTED]>
> > wrote:
>
> > > >> > > Actually, I see the settings in the siteconfig_siteconfiguration
> > table
> > > >> > > now, but it isn't clear to me that they are being used, since I
> > can't
> > > >> > > seem to get any LDAP users to successfully login. How do I get
> > > >> > > reviewboard to actually use LDAP to look a user's password? Does
> > that
> > > >> > > user have to be added to reviewboard first or will reviewboard now
> > > >> > > allow anyone to login who has an LDAP entry?
>
> > > >> > > It is a little confusing that the defaults come back into the form
> > > >> > > after clicking 'save', though.
>
> > > >> > > Brian
> > > >> > > On Oct 30, 3:41 pm, Brian Hill <[EMAIL PROTECTED]> wrote:
> > > >> > > > It still doesn't work. I _do_ get the "settings saved" geen
> > check
> > > >> mark
> > > >> > > > now, but the default settings come back. It seems worse now,
> > because
> > > >> > > > now none of the settings actually save. Before the email
> > settings
> > > >> did
> > > >> > > > save.
>
> > > >> > > > Brian
>
> > > >> > > > On Oct 30, 3:15 pm, "Christian Hammond" <[EMAIL PROTECTED]>
> > > >> wrote:
>
> > > >> > > > > Everyone, go ahead and update. See if it works better now.
> > There
> > > >> was a
> > > >> > > newly
> > > >> > > > > introduced bug preventing settings from being saved.
>
> > > >> > > > > If you're still encountering the problem, I have some
> > debugging
> > > >> I'll
> > > >> > > commit
> > > >> > > > > that might help track this down.
>
> > > >> > > > > Really sorry for the inconvenience :/
>
> > > >> > > > > Christian
>
> > > >> > > > > --
> > > >> > > > > Christian Hammond - [EMAIL PROTECTED]
> > > >> > > > > VMware, Inc.
>
> > > >> > > > > On Thu, Oct 30, 2008 at 3:08 PM, Christian Hammond <
> > > >> > > [EMAIL PROTECTED]>wrote:
>
> > > >> > > > > > Okay, I have something I'm looking into that may be the
> > cause.
>
> > > >> > > > > > Can you go onto, say, the Diff Viewer form and see if
> > settings
> > > >> save
> > > >> > > > > > properly there?
>
> > > >> > > > > > Christian
>
> > > >> > > > > > --
> > > >> > > > > > Christian Hammond - [EMAIL PROTECTED]
> > > >> > > > > > VMware, Inc.
>
> > > >> > > > > > On Thu, Oct 30, 2008 at 2:34 PM, Brian Hill <
> > [EMAIL PROTECTED]>
> > > >> > > wrote:
>
> > > >> > > > > >> 1) I change to LDAP, fill in the values, click save, and
> > > >> immediately
> > > >> > > > > >> restart apache.
> > > >> > > > > >> I then click on General and the default  values appear.
>
> > > >> > > > > >> 2) mod_python-3.2.8-3.1(bundled with CentOS 5.2 x86_64 w/
> > most
> > > >> > > recent
> > > >> > > > > >> rpm updates)
>
> > > >> > > > > >> 3) mysql-5.0.45-7.el5 (bundled with CentOS 5.2 x86_64 w/
> > most
> > > >> recent
> > > >> > > > > >> rpm updates)
>
> > > >> > > > > >> On Oct 30, 2:27 pm, "Christian Hammond" <
> > [EMAIL PROTECTED]>
> > > >> > > wrote:
> > > >> > > > > >> > It's troublesome that people are all seeing this
> > problem...
> > > >> For
> > > >> > > each
> > > >> > > > > >> person
> > > >> > > > > >> > who hit this, please answer the following:
>
> > > >> > > > > >> > * If you set the setting and then restart Apache, do you
> > see
> > > >> the
> > > >> > > proper
> > > >> > > > > >> > setting?
>
> > > >> > > > > >> > * Are you using mod_python or something else?
>
> > > >> > > > > >> > * What database are you using?
>
> > > >> > > > > >> > Christian
>
> > > >> > > > > >> > --
> > > >> > > > > >> > Christian Hammond - [EMAIL PROTECTED]
> > > >> > > > > >> > VMware, Inc.
>
> > > >> > > > > >> > On Thu, Oct 30, 2008 at 2:24 PM, [EMAIL PROTECTED]<
>
> > > >> > > > > >> > [EMAIL PROTECTED]> wrote:
>
> > > >> > > > > >> > > I've noticed that I'm unable to save any edits to the
> > > >> General
> > > >> > > Settings
> > > >> > > > > >> > > page, for instance setting the Administrator user name
> > will
> > > >> not
> > > >> > > save
> > > >> > > > > >> > > either.
>
> > > >> > > > > >> > > --Jennifer
>
> > > >> > > > > >> > > On Oct 30, 2:14 pm, "[EMAIL PROTECTED]" <
> > > >> > > [EMAIL PROTECTED]>
> > > >> > > > > >> > > wrote:
> > > >> > > > > >> > > > I'm having the same issue, the settings are not
> > saved. Is
> > > >> > > there any
> > > >> > > > > >> > > > workaround or values that I can configure directly in
> > the
> > > >> > > database?
>
> > > >> > > > > >> > > > Thanks!
>
> > > >> > > > > >> > > > --Jennifer
>
> > > >> > > > > >> > > > On Oct 29, 8:32 pm, Brian Hill <[EMAIL PROTECTED]>
> > wrote:
>
> > > >> > > > > >> > > > > I am still having the same problem Kevin did. I
> > tried
> > > >> it in
> > > >> > > IE and
> > > >> > > > > >> > > > > Firefox same result. You don't get the green
> > 'saved'
> > > >> > > checkmark.
> > > >> > > > > >> > > > > Instead, the same form just returns...
>
> > > >> > > > > >> > > > > Has anyone figured this out yet?
>
> > > >> > > > > >> > > > > Brian
>
> > > >> > > > > >> > > > > On Sep 12, 3:02 pm, "Christian Hammond" <
> > > >> > > [EMAIL PROTECTED]>
> > > >> > > > > >> wrote:
>
> > > >> > > > > >> > > > > > Very strange. I'm glad it's working for you now.
> > > >> We'll
> > > >> > > > > >> definitely
> > > >> > > > > >> > > want to
> > > >> > > > > >> > > > > > know if it happens again so we can figure out if
> > this
> > > >> was
> > > >> > > just
> > > >> > > > > >> some
> > > >> > > > > >> > > browser
> > > >> > > > > >> > > > > > caching issue or something else.
>
> > > >> > > > > >> > > > > > Christian
>
> > > >> > > > > >> > > > > > --
> > > >> > > > > >> > > > > > Christian Hammond - [EMAIL PROTECTED]
> > > >> > > > > >> > > > > > VMware, Inc.
>
> > > >> > > > > >> > > > > > On Fri, Sep 12, 2008 at 10:32 AM,
> > > >> [EMAIL PROTECTED]
> > > >> > > > > >> > > > > > <[EMAIL PROTECTED]>wrote:
>
> > > >> > > > > >> > > > > > > Christian,
>
> > > >> > > > > >> > > > > > > It seems to be working now, thanks.  Not sure
> > what
> > > >> was
> > > >> > > going
> > > >> > > > > >> on --
> > > >> > > > > >> > > > > > > perhaps some sort of caching issue.  It just
> > kept
> > > >> > > > > >> half-remembering
> > > >> > > > > >> > > > > > > what I typed in, and then I'd refresh and it
> > would
> > > >> be
> > > >> > > some
> > > >> > > > > >> > > different
> > > >> > > > > >> > > > > > > combination of the settings I'd tried, and then
> > it
> > > >> would
> > > >> > > > > >> change
> > > >> > > > > >> > > again
> > > >> > > > > >> > > > > > > when I refreshed.  A day later, logging in
> > fresh in
> > > >> a
> > > >> > > totally
> > > >> > > > > >> new
> > > >> > > > > >> > > > > > > browser, the
>
> ...
>
> read more »
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To post to this group, send email to reviewboard@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to