Modify

Opened 3 years ago

Closed 2 years ago

#9078 closed defect (duplicate)

Login: "Invalid username or password" , trac 0.12

Reported by: anonymous Owned by: pacopablo
Priority: normal Component: DirectoryAuthPlugin
Severity: major Keywords: Invalid username password trac 0.12
Cc: Trac Release: 0.12

Description

Hello,

i have tested the ActiveDirectoryAuthPlugin since yesterday. It takes some time to find the correct configuration, but now the config seems to be correct.

Every time i try to log in, I get the error "Invalid username or password". I am pretty sure that I am using the correct configuration.
Is it possible that there is an error with trac 0.12 and the plug-in?

The configuration file look like this:

[account-manager]
password_store = ADAuthStore

ad_server = my.server:3268
base_dn = dc=ad,dc=de
bind_dn = cn=ldapuser,cn=users,dc=ad,dc=de
bind_passwd = xxxxx
auth_group = cn=customers,ou=groups,ou=sec,dc=dc,dc=de

[trac]
...
permission_store = UserExtensiblePermissionStore
...

Attachments (0)

Change History (3)

comment:1 Changed 3 years ago by myingling@…

I am experiencing a similar issue. I believe it comes from a change in AccountManagerPlugin, not Trac, which broke integration with ActiveDirectoryAuthPlugin.

I was using Trac 0.12 and upgraded to 0.12.2, but the problem showed up when I upgraded AccountManagerPlugin to 0.4. Unfortunately, 0.3, and 0.4dev both have the issue. I was using things successfully with 0.3dev_r9785, and traced the bug to showing up in 0.3dev_r10264.

Try downgrading your AccountManagerPlugin to 0.3dev_r10263. Create a folder and check it out: Use svn co -r10263 https://trac-hacks.org/svn/accountmanagerplugin/trunk

In my testing, ActiveDirectoryAuthPlugin is correctly communicating with the LDAP server, but the result is getting lost somewhere by AccountManagerPlugin. Maybe someone can figure out what happened to break things in r10264.

comment:2 Changed 3 years ago by myingling@…

The ActiveDirectoryAuthPlugin check_password() function in auth.py is at fault. r10264 line 714 of AccountManagerPlugin now enforces a return of True instead of non-null. check_password() returns an ldap object, False or None, not True or False. The non-True causes the check to fail.

A workaround was already filed in #9112.

comment:3 Changed 2 years ago by sandinak

  • Resolution set to duplicate
  • Status changed from new to closed

fixed in #9112 and integrated into 0.3

Add Comment

Modify Ticket

Action
as closed .
as The resolution will be set. Next status will be 'closed'.
to The owner will be changed from pacopablo. Next status will be 'closed'.
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.