Oh, and I have a clone of the server if there's anything I can do for
testing. My Python skills are somewhere between crappy and nonexistent,
but I can follow directions and install whatever crazy stuff on my clone to
help.
Ian
On Thu, Nov 10, 2011 at 9:59 PM, Mail Team <email....@gmail.com> wrote:
> Sorry, to answer your question from a few days ago, LDAP logins aren't
> currently working at all for me, either from the web UI or from post-review.
>
> Ian
>
>
> On Thu, Nov 10, 2011 at 2:54 AM, Nilesh Jaiswal <nileshj...@gmail.com>wrote:
>
>>
>> Hi Chris,
>>
>> The changes are done are as below please find the snippet.
>>
>> class LDAPBackend(AuthBackend):
>> """Authenticate against a user on an LDAP server."""
>> name = _('LDAP')
>> settings_form = LDAPSettingsForm
>>
>> def authenticate(self, username, password):
>> username = username.strip()
>> uid = settings.LDAP_UID_MASK % username
>> logging.info("Start Authenticating username: %s" % username)
>> logging.info("User UID is : %s" % uid)
>> try:
>> import ldap
>> ldapo = ldap.initialize(settings.LDAP_URI)
>> ldapo.set_option(ldap.OPT_REFERRALS, 0)
>> ldapo.set_option(ldap.OPT_PROTOCOL_VERSION, 3)
>> if settings.LDAP_TLS:
>> ldapo.start_tls_s()
>>
>> * # May need to log in as the anonymous user before searching.
>> Filter = '(&(objectClass=*)(sAMAccountName=%s))' % username
>> Attrs=['displayName']
>> *
>> if settings.LDAP_ANON_BIND_UID:
>> ldapo.simple_bind_s(settings.LDAP_ANON_BIND_UID,
>> settings.LDAP_ANON_BIND_PASSWD)
>>
>> *search = ldapo.search(settings.LDAP_BASE_DN,
>> ldap.SCOPE_SUBTREE, Filter, Attrs)*
>>
>> if not search:
>> # no such a user, return early, no need for bind attempts
>> logging.warning("LDAP error: The specified object does
>> not "
>> "exist in the Directory: %s" %
>> uid)
>> return None
>> * # Adding my code Start
>> search = ldapo.search_s(settings.LDAP_BASE_DN,
>> ldap.SCOPE_SUBTREE, Filter)
>> # Adding my code End
>> *
>>
>> Similar changes in
>> def get_or_create_user(self, username):
>>
>> * Filter = '(&(objectClass=*)(sAMAccountName=%s))' %
>> username
>> Attrs=['displayName']
>> # passwd = ldapo.search_s(settings.LDAP_BASE_DN,
>> # ldap.SCOPE_SUBTREE,
>> # settings.LDAP_UID_MASK %
>> username)
>> passwd = ldapo.search_s(settings.LDAP_BASE_DN,
>> ldap.SCOPE_SUBTREE, Filter, Attrs)
>> * if len(password) == 0:
>> # Don't try to bind using an empty password; the server
>> will
>> # return success, which doesn't mean we have
>> authenticated.
>> # http://tools.ietf.org/html/rfc4513#section-5.1.2
>> # http://tools.ietf.org/html/rfc4513#section-6.3.1
>> logging.warning("Empty password for: %s" % uid)
>> return None
>>
>> ldapo.bind_s(search[0][0], password)
>>
>> return self.get_or_create_user(username)
>>
>>
>> After this changes i was able to authenticate using LDAP user from RB
>> GUI. This is my customize fix, if you have better fix please let us know.
>>
>> Regards,
>> Nilesh
>>
>> On Thu, Nov 10, 2011 at 3:52 PM, Christian Hammond
>> <chip...@chipx86.com>wrote:
>>
>>> Can you tell me what change you made? I'd like to get a fix into a
>>> release.
>>>
>>>
>>> Christian
>>>
>>> --
>>> Christian Hammond - chip...@chipx86.com
>>> Review Board - http://www.reviewboard.org
>>> VMware, Inc. - http://www.vmware.com
>>>
>>>
>>> On Wed, Nov 9, 2011 at 11:45 PM, Nilesh Jaiswal <nileshj...@gmail.com>wrote:
>>>
>>>> Its seems, you need to make the changes in the backends.py to add the
>>>> filter for the LDAP user, I was also facing this issue then i add the
>>>> filter and it started working for me
>>>>
>>>>
>>>> On Tue, Nov 8, 2011 at 4:58 AM, Christian Hammond
>>>> <chip...@chipx86.com>wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Are you just having trouble with API logins using post-review, or the
>>>>> website as well?
>>>>>
>>>>> There are some issues we haven't yet tracked down specifically with
>>>>> LDAP logins with the API. I honestly don't know what's going on there, and
>>>>> nobody who has such a setup has been able to debug enough to figure out
>>>>> the
>>>>> root cause.
>>>>>
>>>>> Christian
>>>>>
>>>>> --
>>>>> Christian Hammond - chip...@chipx86.com
>>>>> Review Board - http://www.reviewboard.org
>>>>> VMware, Inc. - http://www.vmware.com
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Nov 7, 2011 at 2:41 PM, Mail Team <email....@gmail.com> wrote:
>>>>>
>>>>>> And the server is ReviewBoard 1.6.1 with Django 1.3.1, Djblets
>>>>>> 0.6.13, django_evolution 0.6.5.
>>>>>>
>>>>>> Ian
>>>>>>
>>>>>>
>>>>>> On Sun, Nov 6, 2011 at 1:13 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>
>>>>>>> And the client was using Python 2.7 all along. It was using RBTools
>>>>>>> 0.3.3, I tried updating them to 0.3.4 but that didn't make a difference.
>>>>>>>
>>>>>>> Ian
>>>>>>>
>>>>>>>
>>>>>>> On Sun, Nov 6, 2011 at 1:12 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>
>>>>>>>> A bit more info:
>>>>>>>> My old server used Python 2.6, my new server uses 2.7.
>>>>>>>>
>>>>>>>> $ post-review --debug -o dummyfile
>>>>>>>> >>> RBTools 0.3.4
>>>>>>>> >>> Home = /path/to/my/home
>>>>>>>> >>> svn info
>>>>>>>> >>> diff --version
>>>>>>>> >>> repository info: Path: svn+ssh://my.repository/url, Base path:
>>>>>>>> /trunk, Supports changesets: False
>>>>>>>> >>> svn propget reviewboard:url /path/to/my/working/copy/trunk
>>>>>>>> >>> HTTP GETting api/
>>>>>>>> >>> HTTP GETting http://my.reviewboard.server/codereviews/api/info/
>>>>>>>> ==> HTTP Authentication Required
>>>>>>>> Enter authorization information for "Web API" at mailteam.apple.com
>>>>>>>> Username: iana
>>>>>>>> Password:
>>>>>>>> >>> Got API Error 103 (HTTP code 401): You are not logged in
>>>>>>>> >>> Error data: {u'stat': u'fail', u'err': {u'msg': u'You are not
>>>>>>>> logged in', u'code': 103}}
>>>>>>>> Unable to log in with the supplied username and password.
>>>>>>>>
>>>>>>>> When I use post-review as above, I do get some logs but they're not
>>>>>>>> all that helpful to me.
>>>>>>>> DEBUG Attempting authentication on API for user iana
>>>>>>>> DEBUG API Login failed. No valid user found.
>>>>>>>>
>>>>>>>> On Sun, Nov 6, 2011 at 1:43 AM, Mail Team <email....@gmail.com>wrote:
>>>>>>>>
>>>>>>>>> I moved my Review Board installation to a new server via rb-site
>>>>>>>>> manage dumpdata/loaddata which seemed to go fine, but now LDAP logins
>>>>>>>>> don't
>>>>>>>>> work. If I go into the admin interface and click on Logs, there's
>>>>>>>>> nothing.
>>>>>>>>> Any idea how I could debug this? Any silly gotchas that I might be
>>>>>>>>> missing?
>>>>>>>>>
>>>>>>>>> Ian
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>> --
>>>>>> Want to help the Review Board project? Donate today at
>>>>>> http://www.reviewboard.org/donate/
>>>>>> Happy user? Let us know at http://www.reviewboard.org/users/
>>>>>> -~----------~----~----~----~------~----~------~--~---
>>>>>> To unsubscribe from this group, send email to
>>>>>> reviewboard+unsubscr...@googlegroups.com
>>>>>> For more options, visit this group at
>>>>>> http://groups.google.com/group/reviewboard?hl=en
>>>>>>
>>>>>
>>>>> --
>>>>> Want to help the Review Board project? Donate today at
>>>>> http://www.reviewboard.org/donate/
>>>>> Happy user? Let us know at http://www.reviewboard.org/users/
>>>>> -~----------~----~----~----~------~----~------~--~---
>>>>> To unsubscribe from this group, send email to
>>>>> reviewboard+unsubscr...@googlegroups.com
>>>>> For more options, visit this group at
>>>>> http://groups.google.com/group/reviewboard?hl=en
>>>>>
>>>>
>>>> --
>>>> Want to help the Review Board project? Donate today at
>>>> http://www.reviewboard.org/donate/
>>>> Happy user? Let us know at http://www.reviewboard.org/users/
>>>> -~----------~----~----~----~------~----~------~--~---
>>>> To unsubscribe from this group, send email to
>>>> reviewboard+unsubscr...@googlegroups.com
>>>> For more options, visit this group at
>>>> http://groups.google.com/group/reviewboard?hl=en
>>>>
>>>
>>> --
>>> Want to help the Review Board project? Donate today at
>>> http://www.reviewboard.org/donate/
>>> Happy user? Let us know at http://www.reviewboard.org/users/
>>> -~----------~----~----~----~------~----~------~--~---
>>> To unsubscribe from this group, send email to
>>> reviewboard+unsubscr...@googlegroups.com
>>> For more options, visit this group at
>>> http://groups.google.com/group/reviewboard?hl=en
>>>
>>
>> --
>> Want to help the Review Board project? Donate today at
>> http://www.reviewboard.org/donate/
>> Happy user? Let us know at http://www.reviewboard.org/users/
>> -~----------~----~----~----~------~----~------~--~---
>> To unsubscribe from this group, send email to
>> reviewboard+unsubscr...@googlegroups.com
>> For more options, visit this group at
>> http://groups.google.com/group/reviewboard?hl=en
>>
>
>
--
Want to help the Review Board project? Donate today at
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/reviewboard?hl=en
