Modify

Opened 10 years ago

Closed 10 years ago

#12157 closed defect (fixed)

LdapAuthStorePlugin dies on login with exceptions.KeyError when LDAP Attribute is not present (name or email)

Reported by: steinbach.till@… Owned by: igoltz
Priority: high Component: LdapAuthStorePlugin
Severity: critical Keywords:
Cc: steinbach.till@… Trac Release: 1.0

Description

When the attributes specified for name and mail are not available in the response of the server when obtaining the user the script dies with exceptions.KeyError in ldap_store.py:

# Store values from ldap in the session cache
for attr in ('name', 'email'):
    if not attrs[attr]:
        continue
    value = unicode(attrs[attr], 'utf-8')

if required I can provide the sequence of function calls leading up to the error.

Versions:

Attachments (0)

Change History (5)

comment:1 Changed 10 years ago by igoltz

I not anymore have the infrastructure to run the plugin, so I can't test it. But you could try this change. Just above your code excerpt a block like this is found

        attrs = {}
        try:
            attrs['name'] = result[0][1][self.ldap_name_attr][0]
        except:
            self.log.warn('Attribute %s not found in %s' % (self.ldap_name_attr, dn.decode('iso-8859-15')))
        try:
            attrs['email'] = result[0][1][self.ldap_email_attr][0]
        except:
            self.log.warn('Attribute %s not found in %s' % (self.ldap_email_attr, dn.decode('iso-8859-15')))

Change to this, adding attrs['XXX'] = '' after each except

        attrs = {}
        try:
            attrs['name'] = result[0][1][self.ldap_name_attr][0]
        except:
            attrs['name'] = ''
            self.log.warn('Attribute %s not found in %s' % (self.ldap_name_attr, dn.decode('iso-8859-15')))
        try:
            attrs['email'] = result[0][1][self.ldap_email_attr][0]
        except:
            attrs['email'] = ''
            self.log.warn('Attribute %s not found in %s' % (self.ldap_email_attr, dn.decode('iso-8859-15')))
Last edited 10 years ago by Ryan J Ollos (previous) (diff)

comment:2 Changed 10 years ago by anonymous

Seems to fix the issue! Thanks!

comment:3 Changed 10 years ago by Ryan J Ollos

Should we commit the change? Let me know, I would be happy to commit it.

comment:4 Changed 10 years ago by anonymous

I have tested that with one user, only. We are currently moving a trac with a lot of users to LDAP, let me see if that goes well first!

comment:5 Changed 10 years ago by Ryan J Ollos

Resolution: fixed
Status: newclosed

In 14622:

0.3.2dev: Avoid KeyError when attributes can't be retrieved. Fixes #12157.

Patch by igoltz.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain igoltz.
The resolution will be deleted. Next status will be 'reopened'.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.