Modify

Opened 21 months ago

Closed 11 months ago

Last modified 11 months ago

#10581 closed defect (fixed)

TypeError: an integer is required

Reported by: anonymous Owned by: rjollos
Priority: normal Component: DirectoryAuthPlugin
Severity: normal Keywords: AD, ActiveDirectory, DirectoryAuthPlugin
Cc: hubert.skibinski@…, kyle.james.oconnor@…, korn Trac Release: 1.0

Description

Hi,

I'm having some problems with the trac DirectoryAuthPlugin.
When I hit login button i get:

Trac detected an internal error:
TypeError: an integer is required
Trac 1.0dev-r0
Docutils 0.8.1
Genshi 0.6 (without speedups)
pysqlite 2.4.1
Python 2.6.8 (unknown, May 29 2012, 22:30:44) [GCC 4.3.4 [gcc-4_3-branch revision 152973]]
setuptools 0.6c8
SQLite 3.6.4
Subversion 1.5.7 (r36142)
TracAccountManager0.4dev
TracDirectoryAuth0.5


[account-manager]
authentication_url =
cache_memprune = 5
cache_memsize = 400
cache_memsize_warn = 300
cache_timeout = 60
cache_ttl = 90
db_htdigest_realm =
dir_basedn = DC=XXXX,DC=XXX
dir_binddn = trac.user@XXXX.XXX
dir_bindpw = XXXXX
dir_charset = utf-8
dir_scope = 1
dir_timeout = 5
dir_uri = ldap://XXX.XXXX.XXX:389
email_attr = mail
force_passwd_change = False
group_attr = cn
group_basedn =
group_expand = 1
group_member_attr = member
group_member_value = dn
group_tracadmin =
group_validusers =
hash_method = HtDigestHashMethod
htpasswd_file =
htpasswd_hash_type = crypt
name_attr = displayName
password_file =
password_store = ADAuthStore
persistent_sessions = False
refresh_passwd = False
user_attr = sAMAccountName
user_lock_max_time = 0
verify_email = False

Most recent call last:
Traceback (most recent call last):
  File "build/bdist.linux-x86_64/egg/trac/web/main.py", line 490, in _dispatch_request
    dispatcher.dispatch(req)
  File "build/bdist.linux-x86_64/egg/trac/web/main.py", line 224, in dispatch
    content_type)
  File "build/bdist.linux-x86_64/egg/trac/web/chrome.py", line 1027, in render_template
    encoding='utf-8')
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 183, in render
    return encode(generator, method=method, encoding=encoding, out=out)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 58, in encode
    for chunk in iterator:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 339, in __call__
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 826, in __call__
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 670, in __call__
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 771, in __call__
    for kind, data, pos in chain(stream, [(None, None, None)]):
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/output.py", line 586, in __call__
    for ev in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 288, in _ensure
    for event in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 288, in _ensure
    for event in stream:
  File "build/bdist.linux-x86_64/egg/trac/web/chrome.py", line 1166, in _strip_accesskeys
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/core.py", line 288, in _ensure
    for event in stream:
  File "build/bdist.linux-x86_64/egg/trac/web/chrome.py", line 1155, in _generate
    for kind, data, pos in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 605, in _include
    for event in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/markup.py", line 378, in _match
    ctxt, start=idx + 1, **vars):
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/markup.py", line 327, in _match
    for event in stream:
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 585, in _flatten
    stream = _apply_directives(data[1], data[0], ctxt, vars)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 262, in _apply_directives
    stream = directives[0](iter(stream), directives[1:], ctxt, **vars)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/directives.py", line 400, in __call__
    value = _eval_expr(self.expr, ctxt, vars)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/base.py", line 277, in _eval_expr
    retval = expr.evaluate(ctxt)
  File "/opt/trac/lib64/python2.6/site-packages/Genshi-0.6-py2.6.egg/genshi/template/eval.py", line 178, in evaluate
    return eval(self.code, _globals, {'__data__': data})
  File "/root/.python-eggs/Trac-1.0dev_r0-py2.6.egg-tmp/trac/templates/layout.html", line 24, in <Expression u"not defined('trac_error_rendering') and 'SEARCH_VIEW' in perm">
    <py:if test="not defined('trac_error_rendering') and 'SEARCH_VIEW' in perm" id="search">
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 556, in has_permission
    return self._has_permission(action, resource)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 570, in _has_permission
    check_permission(action, perm.username, resource, perm)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 462, in check_permission
    perm)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 296, in check_permission
    get_user_permissions(username)
  File "build/bdist.linux-x86_64/egg/trac/perm.py", line 398, in get_user_permissions
    for perm in self.store.get_user_permissions(username) or []:
  File "build/bdist.linux-x86_64/egg/tracext/adauth/api.py", line 43, in get_user_permissions
    subjects.update(provider.get_permission_groups(username))
  File "build/bdist.linux-x86_64/egg/tracext/adauth/auth.py", line 215, in get_permission_groups
    dn = self._get_user_dn(username)
  File "build/bdist.linux-x86_64/egg/tracext/adauth/auth.py", line 299, in _get_user_dn
    [self.user_attr], cache)
  File "build/bdist.linux-x86_64/egg/tracext/adauth/auth.py", line 501, in _dir_search
    res = dir.search_s(basedn.encode(self.dir_charset), scope, filter, attrs)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 508, in search_s
    return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 820, in search_ext_s
    return self._apply_method_s(SimpleLDAPObject.search_ext_s,*args,**kwargs)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 772, in _apply_method_s
    return func(self,*args,**kwargs)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 501, in search_ext_s
    msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 497, in search_ext
    timeout,sizelimit,
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
TypeError: an integer is required

When I remove dir_scope from account-manager section I get correct login site.
Unfortunately I can not login even though.

Error

Invalid username or password

trac.log

Trac[auth] DEBUG: _dir_search: starting LDAP search of ldap://XXX.XXXX.com:389 DC=XXXX,DC=com using (&(sAMAccountName=ZZZ.YYY)(objectClass=person)) for ['sAMAccountName']
Trac[auth] DEBUG: _dir_search: AD hit, 3 entries.
Trac[auth] DEBUG: user ZZZ.YYY has dn: None
Trac[auth] INFO: User Login: ZZZ.YYY does not exist, deferring authentication

Attachments (0)

Change History (14)

comment:1 Changed 21 months ago by anonymous

Dir_scope should be defined as IntOption, not plain Option. Fix is pretty trivial.

comment:2 Changed 16 months ago by rjollos

  • Owner changed from sandinak to rjollos
  • Status changed from new to assigned

comment:3 Changed 16 months ago by rjollos

  • Cc kyle.james.oconnor@… added

The fix probably needs to be made for a few other options as well.

comment:4 Changed 16 months ago by rjollos

  • Resolution set to fixed
  • Status changed from assigned to closed

(In [12963]) Fixes #10581: Changed dir_scope to an IntOption.

comment:5 Changed 16 months ago by kyle.james.oconnor@…

Fix confirmed and this is a duplicate of #10713

comment:6 Changed 16 months ago by rjollos

Thanks, I closed out #10713.

comment:7 Changed 16 months ago by rjollos

  • Resolution fixed deleted
  • Status changed from closed to reopened

[12963] was reverted by the plugin author in [12971] and [12972], so the issue persists following r12972.

comment:8 Changed 16 months ago by rjollos

  • Owner changed from rjollos to sandinak
  • Status changed from reopened to new

comment:9 Changed 11 months ago by rjollos

  • Owner changed from sandinak to rjollos
  • Status changed from new to assigned

comment:10 Changed 11 months ago by rjollos

  • Resolution set to fixed
  • Status changed from assigned to closed

In 13389:

Applied [12963] again: Changed dir_scope to an IntOption. Fixes #10581.

comment:11 Changed 11 months ago by rjollos

  • Cc korn added

#11306 was closed as a duplicate.

korn: If you can, please confirm that the issue is fixed for you.

comment:12 Changed 11 months ago by korn

Yes, I did end up using this patch after all and I confirm it fixes the problem.

The following changes also seems to be advisable, even if perhaps not necessary:

-    dir_timeout = Option('account-manager', 'dir_timeout', 5, 'ldap response timeout in seconds')
+    dir_timeout = IntOption('account-manager', 'dir_timeout', 5, 'ldap response timeout in seconds')

As well as

-    group_expand = Option('account-manager', 'group_expand', 1, 'binary: expand ldap_groups into trac groups.')
-    cache_ttl = Option('account-manager', 'cache_timeout', 60, 'cache timeout in seconds')
-    cache_memsize = Option('account-manager', 'cache_memsize', 400, 'size of memcache in entries, zero to disable')
-    cache_memprune = Option('account-manager', 'cache_memprune', 5, 'percent of entries to prune')
-    cache_memsize_warn = Option('account-manager', 'cache_memsize_warn', 300, 'warning message for cache pruning in seconds')
+    group_expand = IntOption('account-manager', 'group_expand', 1, 'binary: expand ldap_groups into trac groups.')
+    cache_ttl = IntOption('account-manager', 'cache_timeout', 60, 'cache timeout in seconds')
+    cache_memsize = IntOption('account-manager', 'cache_memsize', 400, 'size of memcache in entries, zero to disable')
+    cache_memprune = IntOption('account-manager', 'cache_memprune', 5, 'percent of entries to prune')
+    cache_memsize_warn = IntOption('account-manager', 'cache_memsize_warn', 300, 'warning message for cache pruning in seconds')
Version 0, edited 11 months ago by korn (next)

comment:13 Changed 11 months ago by rjollos

Yeah, those changes all look to be advisable.

comment:14 Changed 11 months ago by rjollos

In 13391:

Use IntOption for integer configuration options. Refs #10581.

Thanks to korn for the patch.

Add Comment

Modify Ticket

Action
as closed .
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from rjollos. Next status will be 'closed'.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.