Modify

Opened 4 years ago

Closed 13 months ago

Last modified 13 months ago

#11531 closed defect (fixed)

Cannot authenticate with accented chars

Reported by: anonymous Owned by: Nikolaos Papagrigoriou
Priority: normal Component: TracLdapAuthPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.12

Description (last modified by Jun Omae)

If there is an accented char (like ò) in the login field, the authentication fails with the following error (see the last row):

Trac[store] DEBUG: LDAPAuth: Unexpected error: Traceback (most recent call last):
  File "build/bdist.linux-x86_64/egg/ldapauth/store.py", line 69, in check_password
    bind_cn = self._search_user(conn, user)
  File "build/bdist.linux-x86_64/egg/ldapauth/store.py", line 129, in _search_user
    self.search_filter % user)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 516, in search_s
    return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 509, in search_ext_s
    msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 505, in search_ext
    timeout,sizelimit,
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
UnicodeEncodeError: 'ascii' codec can't encode character u'\xf2' in position 39: ordinal not in range(128)

May be a solution could be to encode('utf-8')? http://stackoverflow.com/questions/1652904/unicodeencodeerror-ascii-codec-cant-encode-character

If this cannot be fixed in the TracLdapAuthPlugin code, what can be done to avoid this issue? Thanks

Attachments (0)

Change History (8)

comment:1 Changed 4 years ago by Jun Omae

Description: modified (diff)

comment:2 Changed 4 years ago by anonymous

Wondering how long is it needed to fix this issue? days? weeks? months? years?

comment:3 Changed 4 years ago by Nikolaos Papagrigoriou

It will take some time to fix it because I do not control an LDAP server where I could create users with usernames containing non-ascii characters. I.e. I have no way to easily reproduce your issue.

The problem seems to be related to how python-ldap treats unicode characters. See

https://code.djangoproject.com/ticket/11526

I could provide a fix but I have no way to test it. Sorry for that.

Could you avoid usernames with non-ascii characters or convert the accented characters to non accented ones? For example, in German the character "ü" is converted to "ue".

comment:4 Changed 4 years ago by anonymous

Thanks for your reply.

You could create a virtual machine (eg debian) with openLDAP eg: sudo apt-get update sudo apt-get install slapd sudo apt-get install ldap-utils

and use Apache Directory Studio client to add some users https://directory.apache.org/studio/downloads.html

In the meanwhile I try to avoid non ascii chars. Regards

comment:5 Changed 13 months ago by mstolle

This fix is simple, just tried it:

in checkpassword add after the is_empty check

       if isinstance(password, unicode):
            password = password.encode("utf-8")

comment:6 Changed 13 months ago by Ryan J Ollos

Resolution: fixed
Status: newclosed

In 16569:

TracLDAPAuth 1.2.2: Fix login failures with non-ascii characters in username

Patch by mstolle.

Fixes #11531.

comment:7 Changed 13 months ago by Ryan J Ollos

Please confirm that it's working correctly after r16569.

comment:8 Changed 13 months ago by mstolle

Works

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Nikolaos Papagrigoriou.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.