Modify

Opened 4 years ago

Closed 3 months ago

Last modified 3 months ago

#11531 closed defect (fixed)

Cannot authenticate with accented chars

Reported by: anonymous Owned by: Nikolaos Papagrigoriou
Priority: normal Component: TracLdapAuthPlugin
Severity: normal Keywords:
Cc: Trac Release: 0.12

Description (last modified by Jun Omae)

If there is an accented char (like ò) in the login field, the authentication fails with the following error (see the last row):

Trac[store] DEBUG: LDAPAuth: Unexpected error: Traceback (most recent call last):
  File "build/bdist.linux-x86_64/egg/ldapauth/store.py", line 69, in check_password
    bind_cn = self._search_user(conn, user)
  File "build/bdist.linux-x86_64/egg/ldapauth/store.py", line 129, in _search_user
    self.search_filter % user)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 516, in search_s
    return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 509, in search_ext_s
    msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 505, in search_ext
    timeout,sizelimit,
  File "/usr/lib/python2.6/dist-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
UnicodeEncodeError: 'ascii' codec can't encode character u'\xf2' in position 39: ordinal not in range(128)

May be a solution could be to encode('utf-8')? http://stackoverflow.com/questions/1652904/unicodeencodeerror-ascii-codec-cant-encode-character

If this cannot be fixed in the TracLdapAuthPlugin code, what can be done to avoid this issue? Thanks

Attachments (0)

Change History (8)

comment:1 Changed 4 years ago by Jun Omae

Description: modified (diff)

comment:2 Changed 4 years ago by anonymous

Wondering how long is it needed to fix this issue? days? weeks? months? years?

comment:3 Changed 4 years ago by Nikolaos Papagrigoriou

It will take some time to fix it because I do not control an LDAP server where I could create users with usernames containing non-ascii characters. I.e. I have no way to easily reproduce your issue.

The problem seems to be related to how python-ldap treats unicode characters. See

https://code.djangoproject.com/ticket/11526

I could provide a fix but I have no way to test it. Sorry for that.

Could you avoid usernames with non-ascii characters or convert the accented characters to non accented ones? For example, in German the character "ü" is converted to "ue".

comment:4 Changed 4 years ago by anonymous

Thanks for your reply.

You could create a virtual machine (eg debian) with openLDAP eg: sudo apt-get update sudo apt-get install slapd sudo apt-get install ldap-utils

and use Apache Directory Studio client to add some users https://directory.apache.org/studio/downloads.html

In the meanwhile I try to avoid non ascii chars. Regards

comment:5 Changed 3 months ago by mstolle

This fix is simple, just tried it:

in checkpassword add after the is_empty check

       if isinstance(password, unicode):
            password = password.encode("utf-8")

comment:6 Changed 3 months ago by Ryan J Ollos

Resolution: fixed
Status: newclosed

In 16569:

TracLDAPAuth 1.2.2: Fix login failures with non-ascii characters in username

Patch by mstolle.

Fixes #11531.

comment:7 Changed 3 months ago by Ryan J Ollos

Please confirm that it's working correctly after r16569.

comment:8 Changed 3 months ago by mstolle

Works

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Nikolaos Papagrigoriou.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.