search

adelahmd / mollify

Automatically exported from code.google.com/p/mollify
0 stars 0 forks source link

Can't connect with LDAP authentication #571

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1.  Add my ldap settings in the configuration file
2.  Add ldap to authentication types
3.  Add the user to mollify system with ldap authentication type

What is the expected output? What do you see instead?
The user cannot login, I get a modal window that states "request failed"

Here is the output from the debug log

{"code":100,"error":"Unauthorized 
request","details":"","data":null,"trace":["MySQLi DB: 
mollifyuser@localhost:mollifydb(mollify_)","Filesystem registered: 
local","VERSION: 2.5.14 SERVER: {HTTP_CACHE_CONTROL:max-age=0, 
SCRIPT_FILENAME:\/var\/www\/mollify\/backend\/r.php, SERVER_PROTOCOL:HTTP\/1.1, 
REQUEST_METHOD:GET, QUERY_STRING:, 
REQUEST_URI:\/mollify\/backend\/r.php\/debug, 
SCRIPT_NAME:\/mollify\/backend\/r.php, PATH_INFO:\/debug, 
PATH_TRANSLATED:\/var\/www\/debug, PHP_SELF:\/mollify\/backend\/r.php\/debug, 
REQUEST_TIME:1408648064}","SETTINGS: {db:{type:mysql, host:localhost, 
database:mollifydb, user:mollifyuser, password:, table_prefix:mollify_}, 
authentication_methods:{0:ldap}, ldap_server:ldap:\/\/10.30.40.32, 
ldap_conn_string:uid=[USER]dc=oasystems,dc=co, debug:1, 
debug_log:\/var\/log\/mollify\/debug.log}","FEATURES: {limited_http_methods:1, 
change_password:1, descriptions:1, user_groups:1, mail_notification:1, 
retrieve_url:1, folder_protection:1, thumbnails:1, guest_mode:1}","FILESYSTEM: 
allowed_file_upload_types={}","SESSION: is_active=, user=NULL, data={}","AUTH: 
is_authenticated=","REQUEST: method=get, path={0:debug}, ip=10.30.40.31, 
params={}, data=","SERVICE (DebugServices)","DB QUERY: select id from 
mollify_session where last_access < 20140821200744","ServiceException: 
UNAUTHORIZED=","{0:{file:\/var\/www\/mollify\/backend\/r.php, line:63, 
function:processRequest, class:MollifyBackend, type:->, 
args:{0:Request}}}","RESPONSE error {0:100, 1:Unauthorized request, 2:401}  "]}

What version of the product are you using? On what operating system?

2.5.14

It is running off a mac server.

Please provide any additional information below.

Original issue reported on code.google.com by jrw...@gmail.com on 4 Sep 2014 at 5:18

GoogleCodeExporter commented 8 years ago 
Here is the output right from the debug.log

MySQLi DB: mollifyuser@localhost:mollifydb(mollify_)Filesystem registered: 
localVERSION: 2.5.14 SERVER: {HTTP_CACHE_CONTROL:max-age=0, 
HTTP_X_REQUESTED_WITH:XMLHttpRequest, CONTENT_TYPE:application/json, 
HTTP_REFERER:http://10.30.40.158/mollify/, 
SCRIPT_FILENAME:/var/www/mollify/backend/r.php, SERVER_PROTOCOL:HTTP/1.1, 
REQUEST_METHOD:GET, QUERY_STRING:, 
REQUEST_URI:/mollify/backend/r.php/session/info/, 
SCRIPT_NAME:/mollify/backend/r.php, PATH_INFO:/session/info/, 
PATH_TRANSLATED:/var/www/session/info/, 
PHP_SELF:/mollify/backend/r.php/session/info/, 
REQUEST_TIME:1408649071}SETTINGS: {db:{type:mysql, host:localhost, 
database:mollifydb, user:mollifyuser, password:, table_prefix:mollify_}, 
authentication_methods:{0:pw, 1:ldap}, ldap_server:ldap://10.30.40.32, 
ldap_conn_string:uid=[USER]dc=oasystems,dc=co, debug:1, 
debug_log:/var/log/mollify/debug.log}FEATURES: {limited_http_methods:1, 
change_password:1, descriptions:1, user_groups:1, mail_notification:1, 
retrieve_url:1, folder_protection:1, thumbnails:1, guest_mode:1}FILESYSTEM: 
allowed_file_upload_types={}SESSION: is_active=, user=NULL, data={}AUTH: 
is_authenticated=REQUEST: method=get, path={0:session, 1:info}, ip=10.30.40.31, 
params={}, data=SERVICE (SessionServices)No authenticated session 
activeRESPONSE success {authenticated:, features:{limited_http_methods:1, 
change_password:1, descriptions:1, user_groups:1, mail_notification:1, 
retrieve_url:1, folder_protection:1, thumbnails:1, guest_mode:1}, plugins:{}, 
version:2.5.14, revision:3}

Original comment by jrw...@gmail.com on 4 Sep 2014 at 5:33

GoogleCodeExporter commented 8 years ago 
I have also made sure that the ldap user is an mollify administrator, but I 
still get this output, which from research looks like it means attempting to 
sign-in with a non-admin user.

Original comment by jrw...@gmail.com on 4 Sep 2014 at 5:35

GoogleCodeExporter commented 8 years ago 
Sorry, but none of these log entries are errors. First one is error from using 
debug url without admin user, and second just regular output line (note the 
last line "RESPONSE success").

Please look at the PHP error log, or look for keyword "ERROR".

Original comment by samuli.j...@gmail.com on 5 Sep 2014 at 6:04

GoogleCodeExporter commented 8 years ago 
I watched the php log while attempting to sign in.. no error, but the last line 
in the log is

[21-Aug-2014 22:06:49 UTC] MOLLIFY DEBUG: Authenticating with LDAP (server 
ldap://myserver): uid=myuser,dc=mydomain,dc=mydomain

Then nothing after that, and the web page displays the "request failed" modal.

Original comment by jrw...@gmail.com on 5 Sep 2014 at 4:00

GoogleCodeExporter commented 8 years ago 
[deleted comment]
GoogleCodeExporter commented 8 years ago 
Here is the entire log entry from the sign-in attempt

[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: MySQLi DB: 
mollifyuser@localhost:mollifydb(mollify_)
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: Filesystem registered: local
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: VERSION: 2.5.14 SERVER: 
{CONTENT_LENGTH:68, HTTP_ORIGIN:http://10.30.40.158, 
HTTP_X_REQUESTED_WITH:XMLHttpRequest, CONTENT_TYPE:application/json, 
HTTP_REFERER:http://10.30.40.158/mollify/, 
SCRIPT_FILENAME:/var/www/mollify/backend/r.php, SERVER_PROTOCOL:HTTP/1.1, 
REQUEST_METHOD:POST, QUERY_STRING:, 
REQUEST_URI:/mollify/backend/r.php/session/authenticate/, 
SCRIPT_NAME:/mollify/backend/r.php, PATH_INFO:/session/authenticate/, 
PATH_TRANSLATED:/var/www/session/authenticate/, 
PHP_SELF:/mollify/backend/r.php/session/authenticate/, REQUEST_TIME:1408659843}
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: SETTINGS: {db:{type:mysql, 
host:localhost, database:mollifydb, user:mollifyuser, password:, 
table_prefix:mollify_}, authentication_methods:{0:pw, 1:ldap}, 
ldap_server:ldap://myserver, 
ldap_conn_string:uid=[USER],dc=mydomain,dc=mydomain, debug:1, 
debug_log:/var/log/mollify/debug.log}
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: FEATURES: {limited_http_methods:1, 
change_password:1, descriptions:1, user_groups:1, mail_notification:1, 
retrieve_url:1, folder_protection:1, thumbnails:1, guest_mode:1}
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: FILESYSTEM: 
allowed_file_upload_types={}
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: SESSION: is_active=, user=NULL, 
data={}
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: AUTH: is_authenticated=
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: REQUEST: method=post, 
path={0:session, 1:authenticate}, ip=10.30.40.31, params={}, 
data={username:myuser, password:aEBuczNuODE=, remember:}
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: SERVICE (SessionServices)
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: DB QUERY: SELECT id, name, user_type, 
lang, email, ua.type as auth FROM mollify_user left outer join 
mollify_user_auth ua on id=ua.user_id WHERE name='myuser' AND (expiration is 
null or expiration > 20140822012403)
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: DB QUERY: SELECT user_id, type, hash, 
salt, hint FROM mollify_user_auth WHERE user_id='2'
[21-Aug-2014 22:24:03 UTC] MOLLIFY DEBUG: Authenticating with LDAP (server 
ldap://myserver): uid=myuser,dc=mydomain,dc=mydomain

Original comment by jrw...@gmail.com on 5 Sep 2014 at 4:22

GoogleCodeExporter commented 8 years ago 
Error displaying in web console:

POST http://10.30.40.158/mollify/backend/r.php/session/authenticate/ 500 
(Internal Server Error) 

Also this:
{"code":101,"error":"Invalid request","details":"Invalid SessionServices 
request: GET session\/authenticate","data":null,"trace":["MySQLi DB: 
mollifyuser@localhost:mollifydb(mollify_)","Filesystem registered: 
local","VERSION: 2.5.14 SERVER: 
{SCRIPT_FILENAME:\/var\/www\/mollify\/backend\/r.php, 
SERVER_PROTOCOL:HTTP\/1.1, REQUEST_METHOD:GET, QUERY_STRING:, 
REQUEST_URI:\/mollify\/backend\/r.php\/session\/authenticate\/, 
SCRIPT_NAME:\/mollify\/backend\/r.php, PATH_INFO:\/session\/authenticate\/, 
PATH_TRANSLATED:\/var\/www\/session\/authenticate\/, 
PHP_SELF:\/mollify\/backend\/r.php\/session\/authenticate\/, 
REQUEST_TIME:1408660578}","SETTINGS: {db:{type:mysql, host:localhost, 
database:mollifydb, user:mollifyuser, password:, table_prefix:mollify_}, 
authentication_methods:{0:pw, 1:ldap}, ldap_server:ldap:\/\/10.30.40.32, 
ldap_conn_string:uid=[USER],dc=oasystems,dc=co, debug:1, 
debug_log:\/var\/log\/mollify\/debug.log}","FEATURES: {limited_http_methods:1, 
change_password:1, descriptions:1, user_groups:1, mail_notification:1, 
retrieve_url:1, folder_protection:1, thumbnails:1, guest_mode:1}","FILESYSTEM: 
allowed_file_upload_types={}","SESSION: is_active=, user=NULL, data={}","AUTH: 
is_authenticated=","REQUEST: method=get, path={0:session, 1:authenticate}, 
ip=10.30.40.31, params={}, data=","ServiceException: INVALID_REQUEST=Invalid 
SessionServices request: GET 
session\/authenticate","{0:{file:\/var\/www\/mollify\/backend\/include\/services
\/ServicesBase.class.php, line:24, function:invalidRequestException, 
class:ServicesBase, type:->, args:{}}, 
1:{file:\/var\/www\/mollify\/backend\/include\/ServiceEnvironment.class.php, 
line:184, function:__construct, class:ServicesBase, type:->, 
args:{0:ServiceEnvironment, 1:Request, 2:session, 3:{0:authenticate}}}, 
2:{file:\/var\/www\/mollify\/backend\/include\/ServiceEnvironment.class.php, 
line:174, function:createService, class:ServiceEnvironment, type:->, 
args:{0:SessionServices, 1:Request, 2:session, 3:{0:authenticate}}}, 
3:{file:\/var\/www\/mollify\/backend\/include\/MollifyBackend.class.php, 
line:78, function:getService, class:ServiceEnvironment, type:->, 
args:{0:Request}}, 4:{file:\/var\/www\/mollify\/backend\/r.php, line:63, 
function:processRequest, class:MollifyBackend, type:->, 
args:{0:Request}}}","RESPONSE error {0:101, 1:Invalid request, 2:403} Invalid 
SessionServices request: GET session\/authenticate "]}

Original comment by jrw...@gmail.com on 5 Sep 2014 at 4:30

GoogleCodeExporter commented 8 years ago 
I apologize, turns out I did not have php5-ldap installed on the server!  :)

Ldap authentication is working now.

Just in case, it might be helpful to mention that in the documentation. 

I would really like to discuss implementing with you the ability to mount an 
Active Directory user's home directory into Mollify..

Contingent on that we can discuss purchasing a commercial license, as well as 
any freelance hours involved.

Let me know what you think.

Thanks again.

Original comment by jrw...@gmail.com on 6 Sep 2014 at 3:09

GoogleCodeExporter commented 8 years ago 
You are right, it probably should state the required library, and I'm gonna add 
it.

Regarding the Active Directory integration, could you describe it more what is 
it that want to achieve with it? (in my personal mail).

If there is a PHP library that can make this integration possible, I could 
consider adding it.

Original comment by samuli.j...@gmail.com on 16 Sep 2014 at 8:35