https://www.chiliproject.org/
2012-07-11T14:07:32+02:00
ChiliProject
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22743
2012-07-11T14:07:32+02:00
Jérémy Subtil
jeremy.subtil@gmail.com
<ul><li><strong>Status</strong> set to <i>Open</i></li><li><strong>Tracker</strong> set to <i>Bug</i></li><li><strong>Subject</strong> set to <i>"incompatible character encoding" with LDAP auth</i></li><li><strong>Priority</strong> set to <i>Normal</i></li><li><strong>Category</strong> set to <i>Libraries</i></li><li><strong>Start date</strong> set to <i>2012-07-11</i></li><li><strong>Project</strong> set to <i>ChiliProject</i></li><li><strong>Description</strong> set to <i>Hi there,
I've just encountered the following issue while trying to auth...</i> <a href="/journals/22743/diff/description" class="lightbox-ajax">More</a></li></ul>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22758
2012-07-13T08:15:54+02:00
Felix Schäfer
felix+chili@oh14.de
<ul><li><strong>Status</strong> changed from <i>Open</i> to <i>Ready for review</i></li><li><strong>Assignee</strong> set to <i>Felix Schäfer</i></li><li><strong>Target version</strong> set to <i>3.3.0</i></li></ul><p>Thanks for the report, I'll try to have a look before the WE.</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22763
2012-07-13T23:21:28+02:00
Felix Schäfer
felix+chili@oh14.de
<ul></ul><p>It seems I am unable to get the LDAP example config to work (and I've spent nearly 2 hours with it -_- )</p>
<p>Florian: as you were the one to add the config for the newer OpenLDAPs, could you give me a short sum-up of what I need to do to get the example stuff into a virgin OpenLDAP? I've been trying to test it in a Ubuntu Lucid VM (current vagrant status), I wouldn't mind if we could get it to work on Travis too though :-)</p>
<p>Holger: If Florian doesn't answer early enough, I'm tempted to just bump the lib (it's a minor bump so it should work as before) and see if it makes it through ci.chiliproject.org, which IIRC tests the LDAP parts.</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22767
2012-07-14T00:54:17+02:00
Florian Mutter
elm+chiliproject@skweez.net
<ul></ul><p>Here is the way to do this:<br /><pre>
sudo apt-get install openldap ldap-utils
sudo mkdir -p /var/lib/ldap/redmine
sudo chown openldap:openldap /var/lib/ldap/redmine
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f test/fixtures/ldap/slapd_config.ldif
sudo ldapadd -D cn=Manager,dc=redmine,dc=org -w secret -f test/fixtures/ldap/test-ldap.ldif
rake test TEST=test/functional/ldap_auth_sources_controller.rb
</pre></p>
<p>I tested this on Ubuntu 11.04 but it should work on newer systems to. Maybe you want to add this to the wiki.</p>
<p>EDIT: The test above was the wrong test. Or maybe both are needed. No Idea. But all tests are running without error. This may be the correct one:<br /><pre>rake test TEST=test/unit/auth_source_ldap_test.rb</pre></p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22768
2012-07-14T11:19:07+02:00
Felix Schäfer
felix+chili@oh14.de
<ul></ul><p>Florian Mutter wrote:</p>
<blockquote>
<p>Here is the way to do this:</p>
</blockquote>
<p>That's in the line of what I tried on Lucid (the package for the openldap server is called slapd, but that's less of a problem), when trying to import the config I get the following error though:</p>
<pre>vagrant@lucid32:~$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /opt/chiliproject/default/current/test/fixtures/ldap/slapd_config.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=hdb,cn=config"
ldap_add: Invalid syntax (21)
additional info: objectClass: value #1 invalid per syntax</pre>
<p>Any idea?</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22769
2012-07-14T11:49:47+02:00
Florian Mutter
elm+chiliproject@skweez.net
<ul></ul><p>You are missing the hdb module. Maybe the switched to bdb by default. You can load that module by putting the following in a ldif file and load it with like the first ldap_add command above:<br /><pre>
# Load dynamic backend modules
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: {0}back_hdb
</pre></p>
<p>This should maybe included in the slapd_conf.ldap</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22770
2012-07-14T11:55:15+02:00
Florian Mutter
elm+chiliproject@skweez.net
<ul></ul><p>Sorry wrong script. Use this one<br /><pre>
# Load dynamic backend modules
dn: cn=module,cn=config
objectClass: olcModuleList
cn: module
olcModulepath: /usr/lib/ldap
olcModuleload: back_hdb.la
</pre><br />I hope this works.</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22771
2012-07-14T12:02:35+02:00
Felix Schäfer
felix+chili@oh14.de
<ul></ul><p>Florian Mutter wrote:</p>
<blockquote>
<p>I hope this works.</p>
</blockquote>
<p>Kind of, I get another error, LDAP seems to be hard… Maybe we could reverse the process? If you have the time, could you grab <a class="external" href="https://github.com/thegcat/chiliproject-vagrant/">https://github.com/thegcat/chiliproject-vagrant/</a> and see if you can get it working there? (once the machine is up with <code>vagrant up</code>, you can just <code>vagrant ssh</code> to get on the machine, the user you are logged in as then has passwordless sudo rights).</p>
<p>After successfully loading the back_hdb.la part, I get:</p>
<pre>vagrant@lucid32:~$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /opt/chiliproject/default/current/test/fixtures/ldap/slapd_config.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=hdb,cn=config"
ldap_add: Other (e.g., implementation specific) error (80)
additional info: <olcAccess> handler exited with 1</pre>
<p>Thanks for your help :-)</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22772
2012-07-14T13:33:15+02:00
Florian Mutter
elm+chiliproject@skweez.net
<ul></ul><p>Hmm, maybe ldap stored some of the entries in a previous attempt to import the slapd_conf.ldif. If you have nothing els in your ldap you can try apt-get purge slapd; rm -r /var/lib/ldap/redmine; apt-get install slapd and try again. Another way would be ldapmodify but to use this the ldif needs to be updated with something like this:<br /><pre>
changetype: modify
replace: olcAccess
</pre></p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22773
2012-07-14T21:13:17+02:00
Felix Schäfer
felix+chili@oh14.de
<ul></ul><p>Still getting:</p>
<pre>vagrant@lucid32:~$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /opt/chiliproject/default/current/test/fixtures/ldap/slapd_config.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
adding new entry "olcDatabase=hdb,cn=config"
ldap_add: Other (e.g., implementation specific) error (80)
additional info: <olcAccess> handler exited with 1</pre>
<p>Oh well, I'll wait to see if the CI works with the new lib or not.</p>
ChiliProject - Bug #1078: "incompatible character encoding" with LDAP auth
https://www.chiliproject.org/issues/1078?journal_id=22779
2012-07-15T11:48:07+02:00
Felix Schäfer
felix+chili@oh14.de
<ul><li><strong>Assignee</strong> deleted (<strike><i>Felix Schäfer</i></strike>)</li><li><strong>Status</strong> changed from <i>Ready for review</i> to <i>Closed</i></li></ul><p>The <a href="http://ci.chiliproject.org/job/chiliproject_master/247/" class="external">CI run</a> went through, so I'm closing this. Thanks to all involved!</p>
<p>Florian, if you still want to help, we can open a new issue or meet on IRC or something to get this working :-)</p>