Modify

Opened 2 years ago

Closed 15 months ago

Last modified 15 months ago

#10581 closed defect (fixed)

TypeError: an integer is required

Reported by: anonymous Owned by: rjollos
Priority: normal Component: DirectoryAuthPlugin
Severity: normal Keywords: AD, ActiveDirectory, DirectoryAuthPlugin
Cc: hubert.skibinski@…, kyle.james.oconnor@…, korn Trac Release: 1.0

Description

Hi,

I'm having some problems with the trac DirectoryAuthPlugin. When I hit login button i get:

Trac detected an internal error:
TypeError: an integer is required
Trac 1.0dev-r0
Docutils 0.8.1
Genshi 0.6 (without speedups)
pysqlite 2.4.1
Python 2.6.8 (unknown, May 29 2012, 22:30:44) [GCC 4.3.4 [gcc-4_3-branch revision 152973]]
setuptools 0.6c8
SQLite 3.6.4
Subversion 1.5.7 (r36142)
TracAccountManager0.4dev
TracDirectoryAuth0.5

[account-manager]
authentication_url =
cache_memprune = 5
cache_memsize = 400
cache_memsize_warn = 300
cache_timeout = 60
cache_ttl = 90
db_htdigest_realm =
dir_basedn = DC=XXXX,DC=XXX
dir_binddn = trac.user@XXXX.XXX
dir_bindpw = XXXXX
dir_charset = utf-8
dir_scope = 1
dir_timeout = 5
dir_uri = ldap://XXX.XXXX.XXX:389
email_attr = mail
force_passwd_change = False
group_attr = cn
group_basedn =
group_expand = 1
group_member_attr = member
group_member_value = dn
group_tracadmin =
group_validusers =
hash_method = HtDigestHashMethod
htpasswd_file =
htpasswd_hash_type = crypt
name_attr = displayName
password_file =
password_store = ADAuthStore
persistent_sessions = False
refresh_passwd = False
user_attr = sAMAccountName
user_lock_max_time = 0
verify_email = False

Most recent call last:
Traceback (most recent call last):
  File "build/bdist.linux-x86_64/egg/trac/web/main.py", line 490, in _dispatch_request
    dispatcher.dispatch(req)
  File "build/bdist.linux-x86_64/egg/trac/web/main.py", line 224, in dispatch
    content_type)
  File "build/bdist.linux-x86_64/egg/trac/web/chrome.py", line 1027, in render_template
    encoding='utf-8')
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 183, in render
    return encode(generator, method=method, encoding=encoding, out=out)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 58, in encode
    for chunk in iterator:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 339, in __call__
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 826, in __call__
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 670, in __call__
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 771, in __call__
    for kind, data, pos in chain(stream, [(None, None, None)]):
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 586, in __call__
    for ev in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 288, in _ensure
    for event in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 288, in _ensure
    for event in stream:
  File "build/bdist.linux-x86_64/egg/trac/web/chrome.py", line 1166, in _strip_accesskeys
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 288, in _ensure
    for event in stream:
  File "build/bdist.linux-x86_64/egg/trac/web/chrome.py", line 1155, in _generate
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 605, in _include
    for event in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/markup.py", line 378, in _match
    ctxt, start=idx + 1, **vars):
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/markup.py", line 327, in _match
    for event in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 585, in _flatten
    stream = _apply_directives(data[1], data[0], ctxt, vars)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 262, in _apply_directives
    stream = directives[0](iter(stream), directives[1:], ctxt, **vars)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/directives.py", line 400, in __call__
    value = _eval_expr(self.expr, ctxt, vars)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 277, in _eval_expr
    retval = expr.evaluate(ctxt)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/eval.py", line 178, in evaluate
    return eval(self.code, _globals, {'__data__': data})
  File "/root/.python-eggs/Trac-1.0dev_r0-py2.6.egg-tmp/trac/templates/layout.html", line 24, in <Expression u"not defined('trac_error_rendering') and 'SEARCH_VIEW' in perm">
    <py:if test="not defined('trac_error_rendering') and 'SEARCH_VIEW' in perm" id="search">
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 556, in has_permission
    return self._has_permission(action, resource)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 570, in _has_permission
    check_permission(action, perm.username, resource, perm)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 462, in check_permission
    perm)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 296, in check_permission
    get_user_permissions(username)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 398, in get_user_permissions
    for perm in self.store.get_user_permissions(username) or []:
  File "build/bdist.linux-x86_64/egg/tracext/adauth/api.py", line 43, in get_user_permissions
    subjects.update(provider.get_permission_groups(username))
  File "build/bdist.linux-x86_64/egg/tracext/adauth/auth.py", line 215, in get_permission_groups
    dn = self._get_user_dn(username)
  File "build/bdist.linux-x86_64/egg/tracext/adauth/auth.py", line 299, in _get_user_dn
    [self.user_attr], cache)
  File "build/bdist.linux-x86_64/egg/tracext/adauth/auth.py", line 501, in _dir_search
    res = dir.search_s(basedn.encode(self.dir_charset), scope, filter, attrs)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 508, in search_s
    return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 820, in search_ext_s
    return self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 772, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 501, in search_ext_s
    msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 497, in search_ext
    timeout,sizelimit,
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
TypeError: an integer is required

When I remove dir_scope from account-manager section I get correct login site. Unfortunately I can not login even though.

Error

Invalid username or password

trac.log

Trac[auth] DEBUG: _dir_search: starting LDAP search of ldap://XXX.XXXX.com:389 DC=XXXX,DC=com using (&(sAMAccountName=ZZZ.YYY)(objectClass=person)) for ['sAMAccountName']
Trac[auth] DEBUG: _dir_search: AD hit, 3 entries.
Trac[auth] DEBUG: user ZZZ.YYY has dn: None
Trac[auth] INFO: User Login: ZZZ.YYY does not exist, deferring authentication

Attachments (0)

Change History (14)

comment:1 Changed 2 years ago by anonymous

Dir_scope should be defined as IntOption, not plain Option. Fix is pretty trivial.

comment:2 Changed 21 months ago by rjollos

  • Owner changed from sandinak to rjollos
  • Status changed from new to assigned

comment:3 Changed 21 months ago by rjollos

  • Cc kyle.james.oconnor@… added

The fix probably needs to be made for a few other options as well.

comment:4 Changed 21 months ago by rjollos

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [12963]) Fixes #10581: Changed dir_scope to an IntOption.

comment:5 Changed 21 months ago by kyle.james.oconnor@…

Fix confirmed and this is a duplicate of #10713

comment:6 Changed 21 months ago by rjollos

Thanks, I closed out #10713.

comment:7 Changed 20 months ago by rjollos

  • Resolution fixed deleted
  • Status changed from closed to reopened

[12963] was reverted by the plugin author in [12971] and [12972], so the issue persists following r12972.

comment:8 Changed 20 months ago by rjollos

  • Owner changed from rjollos to sandinak
  • Status changed from reopened to new

comment:9 Changed 15 months ago by rjollos

  • Owner changed from sandinak to rjollos
  • Status changed from new to assigned

comment:10 Changed 15 months ago by rjollos

  • Resolution set to fixed
  • Status changed from assigned to closed

In 13389:

Applied [12963] again: Changed dir_scope to an IntOption. Fixes #10581.

comment:11 Changed 15 months ago by rjollos

  • Cc korn added

#11306 was closed as a duplicate.

korn: If you can, please confirm that the issue is fixed for you.

comment:12 Changed 15 months ago by korn

Yes, I did end up using this patch after all and I confirm it fixes the problem.

The following changes also seems to be advisable, even if perhaps not necessary:

-    dir_timeout = Option('account-manager', 'dir_timeout', 5, 'ldap response timeout in seconds')
+    dir_timeout = IntOption('account-manager', 'dir_timeout', 5, 'ldap response timeout in seconds')

As well as

-    group_expand = Option('account-manager', 'group_expand', 1, 'binary: expand ldap_groups into trac groups.')
-    cache_ttl = Option('account-manager', 'cache_timeout', 60, 'cache timeout in seconds')
-    cache_memsize = Option('account-manager', 'cache_memsize', 400, 'size of memcache in entries, zero to disable')
-    cache_memprune = Option('account-manager', 'cache_memprune', 5, 'percent of entries to prune')
-    cache_memsize_warn = Option('account-manager', 'cache_memsize_warn', 300, 'warning message for cache pruning in seconds')
+    group_expand = IntOption('account-manager', 'group_expand', 1, 'binary: expand ldap_groups into trac groups.')
+    cache_ttl = IntOption('account-manager', 'cache_timeout', 60, 'cache timeout in seconds')
+    cache_memsize = IntOption('account-manager', 'cache_memsize', 400, 'size of memcache in entries, zero to disable')
+    cache_memprune = IntOption('account-manager', 'cache_memprune', 5, 'percent of entries to prune')
+    cache_memsize_warn = IntOption('account-manager', 'cache_memsize_warn', 300, 'warning message for cache pruning in seconds')
Version 0, edited 15 months ago by korn (next)

comment:13 Changed 15 months ago by rjollos

Yeah, those changes all look to be advisable.

comment:14 Changed 15 months ago by rjollos

In 13391:

Use IntOption for integer configuration options. Refs #10581.

Thanks to korn for the patch.

Add Comment

Modify Ticket

Action
as closed The owner will remain rjollos.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.