Modify

Opened 6 years ago

Last modified 3 years ago

#4700 new defect

group_bind=true

Reported by: nlp@… Owned by: eblot
Priority: normal Component: LdapPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.11

Description

When I sets group_bind = true, Trac returns an error:


Traceback (most recent call last):

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/api.py", line 367, in send_error

'text/html')

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/chrome.py", line 708, in render_template

data = self.populate_data(req, data)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/chrome.py", line 618, in populate_data

dchrome?.update(req.chrome)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/api.py", line 194, in getattr

value = self.callbacks[name](self)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/web/chrome.py", line 476, in prepare_request

for category, name, text in contributor.get_navigation_items(req):

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/ticket/web_ui.py", line 163, in get_navigation_items

if 'TICKET_CREATE' in req.perm:

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 524, in has_permission

return self._has_permission(action, resource)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 538, in _has_permission

check_permission(action, perm.username, resource, perm)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 425, in check_permission

perm)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 282, in check_permission

get_user_permissions(username)

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 357, in get_user_permissions

for perm in self.store.get_user_permissions(username):

File "/usr/lib/python2.5/site-packages/Trac-0.11.3-py2.5.egg/trac/perm.py", line 170, in get_user_permissions

subjects.update(provider.get_permission_groups(username))

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 108, in get_permission_groups

ldapgroups = self._get_user_groups(username)

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 149, in _get_user_groups

ldap_groups = self._ldap.get_groups()

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 541, in get_groups

groups = self.get_dn(self.basedn, 'objectclass=' + self.groupname)

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 564, in get_dn

sr = self._search(basedn, filterstr, dn?, ldap.SCOPE_SUBTREE)

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 647, in _search

self._open()

File "build/bdist.linux-x86_64/egg/ldapplugin/api.py", line 632, in _open

self._ds.simple_bind_s(self.bind_user, self.bind_passwd)

File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 197, in simple_bind_s

msgid = self.simple_bind(who,cred,serverctrls,clientctrls)

File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 191, in simple_bind

return self._ldap_call(self._l.simple_bind,who,cred,EncodeControlTuples(serverctrls),EncodeControlTuples(clientctrls))

File "/usr/lib/python2.5/site-packages/ldap/ldapobject.py", line 96, in _ldap_call

result = func(*args,kwargs)

TypeError: argument 2 must be string or read-only buffer, not None

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by rverchere

You may enter a password for your bind user.
See LdapPlugin#AuthenticatedLDAPconnections

[ldap]
group_bind = true
bind_user = user
bind_passwd = passwd

Here is also a patch to warn user when using bind with bind_user only (missing bind_passwd):

  • ldapplugin/api.py

     
    637637                                       (protocol, self.host, self.port)) 
    638638            self._ds.protocol_version = ldap.VERSION3 
    639639            if self.bind: 
    640                 if not self.bind_user: 
     640                if not self.bind_user or not self.bind_passwd: 
    641641                    raise TracError("Bind enabled but credentials not defined") 
    642642                head = self.bind_user[:self.bind_user.find(',')] 
    643643                if ( head.find('=') == -1 ): 

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.