star7th / showdoc

ShowDoc is a tool greatly applicable for an IT team to share documents online一个非常适合IT团队的在线API文档、技术文档工具
https://www.showdoc.com.cn
Other
12.24k stars 2.19k forks source link

配置LDAP基于AD域控绑定认证后用户无法登录showdoc #1222

Closed charlie2009 closed 3 years ago

charlie2009 commented 3 years ago

配置LDAP基于AD域控绑定认证后用户后,用户已经同步拉下来了,但是当时用LDAP账户登录时无法登录,点击登录没有反应也没有任何报错跳出来

star7th commented 3 years ago

点击登录没有反应的时候,看看网络请求返回什么报错

charlie2009 notifications@github.com 于2021年1月14日周四 下午1:11写道:

配置LDAP基于AD域控绑定认证后用户后,用户已经同步拉下来了,但是当时用LDAP账户登录时无法登录,点击登录没有反应也没有任何报错跳出来

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLVNWL4VRTGR57IOXELSZZ4IDANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

tail -f /var/log/messages Jan 14 14:40:12 CNSH1DB009V journal: 2021/01/14 06:40:12 [info] 22#22: *38 epollwait() reported that client prematurely closed connection, so upstream connection is closed too while sending request to upstream, client: 10.6.1.120, server: , request: "POST /server/index.php?s=/api/user/login HTTP/1.0", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "showdoc.test.com.cn", referrer: "https://showdoc.text.com.cn/web/" Jan 14 14:40:12 CNSH1DB009V journal: 10.6.1.120 - - [14/Jan/2021:06:40:12 +0000] "POST /server/index.php?s=/api/user/login HTTP/1.0" 499 0 "https://showdoc.test.com.cn/web/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"

star7th commented 3 years ago

我是说浏览器里的网络请求返回的结果

charlie2009 notifications@github.com 于2021年1月14日周四 下午2:42写道:

tail -f /var/log/messages Jan 14 14:40:12 CNSH1DB009V journal: 2021/01/14 06:40:12 [info] 22#22: *38 epollwait() reported that client prematurely closed connection, so upstream connection is closed too while sending request to upstream, client: 10.6.1.120, server: , request: "POST /server/index.php?s=/api/user/login HTTP/1.0", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "showdoc.test.com.cn", referrer: "https://showdoc.text.com.cn/web/" Jan 14 14:40:12 CNSH1DB009V journal: 10.6.1.120 - - [14/Jan/2021:06:40:12 +0000] "POST /server/index.php?s=/api/user/login HTTP/1.0" 499 0 " https://showdoc.test.com.cn/web/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-759962387, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLSTS7L2UNS3DT54S63SZ2G33ANCNFSM4WB35XOQ .

star7th commented 3 years ago

右击,审查元素,网络,响应

Chen Xing xing7th@gmail.com 于2021年1月14日周四 下午2:44写道:

我是说浏览器里的网络请求返回的结果

charlie2009 notifications@github.com 于2021年1月14日周四 下午2:42写道:

tail -f /var/log/messages Jan 14 14:40:12 CNSH1DB009V journal: 2021/01/14 06:40:12 [info] 22#22: *38 epollwait() reported that client prematurely closed connection, so upstream connection is closed too while sending request to upstream, client: 10.6.1.120, server: , request: "POST /server/index.php?s=/api/user/login HTTP/1.0", upstream: "fastcgi://unix:/var/run/php-fpm.sock:", host: "showdoc.test.com.cn", referrer: "https://showdoc.text.com.cn/web/" Jan 14 14:40:12 CNSH1DB009V journal: 10.6.1.120 - - [14/Jan/2021:06:40:12 +0000] "POST /server/index.php?s=/api/user/login HTTP/1.0" 499 0 " https://showdoc.test.com.cn/web/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-759962387, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLSTS7L2UNS3DT54S63SZ2G33ANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

showdoc

star7th commented 3 years ago

点击其中一个红色的网络请求,看看有没有什么返回。另外看一下控制台报什么错

charlie2009 notifications@github.com 于2021年1月14日周四 下午3:33写道:

[image: showdoc] https://user-images.githubusercontent.com/29229817/104558444-c3c06a00-567d-11eb-8d04-452b518e2f93.png

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-759984426, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLSNX3OZ6RJ4PGPB3FDSZ2M3PANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

showdoc showdoc1

star7th commented 3 years ago

点response

charlie2009 notifications@github.com 于2021年1月14日周四 下午4:32写道:

[image: showdoc] https://user-images.githubusercontent.com/29229817/104564561-04bc7c80-5686-11eb-914b-b85e5295d7db.png [image: showdoc1] https://user-images.githubusercontent.com/29229817/104564565-05eda980-5686-11eb-842c-b6f016c2ceac.png

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760018803, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLV2QHVYSFZMCMRK4RLSZ2TZDANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

红色失败的显示Failed to load response data

star7th commented 3 years ago

这个问题太诡异了。建议提供外网链接。不然一个个问题地问太麻烦了。如果你无法提供外网可重现例子,我可能无法帮助你。

charlie2009 notifications@github.com 于2021年1月14日周四 下午4:44写道:

红色失败的显示Failed to load response data

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760025435, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLTQJDCLWNX3APRMSD3SZ2VGXANCNFSM4WB35XOQ .

star7th commented 3 years ago

你就说的 Failed to load response data ,这不是ldap的问题,是整个环境都挂了。建议你先好好检查程序文档能不能正常访问

Chen Xing xing7th@gmail.com 于2021年1月14日周四 下午4:46写道:

这个问题太诡异了。建议提供外网链接。不然一个个问题地问太麻烦了。如果你无法提供外网可重现例子,我可能无法帮助你。

charlie2009 notifications@github.com 于2021年1月14日周四 下午4:44写道:

红色失败的显示Failed to load response data

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760025435, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLTQJDCLWNX3APRMSD3SZ2VGXANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

用Docker部署的,yum装了个Nginx,没有部署其他的,提供Teamviewer 或者向日葵可以吗

star7th commented 3 years ago

不好意思,我原则上不亲自帮人弄好环境。不然开了这个头,以后人人都来找我,我没精力。我只提供思路。目前你可以先看看文档是否能正常访问。如果还没有数据的话,可考虑重装。

charlie2009 notifications@github.com 于2021年1月14日周四 下午4:51写道:

用Docker部署的,yum装了个Nginx,没有部署其他的,提供Teamviewer 或者向日葵可以吗

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760032120, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLUBIXERII3V2BCDBF3SZ2WAJANCNFSM4WB35XOQ .

star7th commented 3 years ago

另外 为了排除nginx影响,请先用4999端口完成调试工作。

Chen Xing xing7th@gmail.com 于2021年1月14日周四 下午4:55写道:

不好意思,我原则上不亲自帮人弄好环境。不然开了这个头,以后人人都来找我,我没精力。我只提供思路。目前你可以先看看文档是否能正常访问。如果还没有数据的话,可考虑重装。

charlie2009 notifications@github.com 于2021年1月14日周四 下午4:51写道:

用Docker部署的,yum装了个Nginx,没有部署其他的,提供Teamviewer 或者向日葵可以吗

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760032120, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLUBIXERII3V2BCDBF3SZ2WAJANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

OK,谢谢版主

charlie2009 commented 3 years ago

再问一下,如果要配置SSL域名访问是不是拉下来的Docker安装好,需要部署Nginx转发对吧

star7th commented 3 years ago

用nginx做转发的思路是对的。只是你要先保证4999服务没问题。

charlie2009 notifications@github.com 于2021年1月14日周四 下午5:05写道:

再问一下,如果要配置SSL域名访问是不是拉下来的Docker安装好,需要部署Nginx转发对吧

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760048792, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLUKMKMLCKQKRUU47UDSZ2XT7ANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

好的,测试没问题的话,后期可以要求用户上版主的商业版

star7th commented 3 years ago

开源版不打算出收费版。只对使用官网服务收费 https://www.showdoc.com.cn/ 如果是常规问题直接github即可。如果要获取靠谱的商业支持可以在官网购买个旗舰版然后会有微信支持服务,就顺便支持私有版。

charlie2009 notifications@github.com 于2021年1月14日周四 下午5:26写道:

好的,测试没问题的话,后期可以要求用户上版主的商业版

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760071299, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLXOHRFZEBGLSAXRJRLSZ22CXANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

了解

charlie2009 commented 3 years ago

Showdoc支持配置SSO单点登录认证吗,有配置文档没有,我试试看这个,版主

star7th commented 3 years ago

暂不支持。说实话不同的认证源有不同的接入方式,这个以后得花时间探索。

charlie2009 notifications@github.com 于2021年1月15日周五 上午11:52写道:

Showdoc支持配置SSO单点登录认证吗,有配置文档没有,我试试看这个,版主

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760628059, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLW4HGA3KIMKNBBGOOLSZ63ZPANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

嗯,了解

charlie2009 commented 3 years ago

重新部署showdoc系统后,设置从AD绑定LDAP,但是没有全部把用户同步下来就不同步了,怎么办,ldap配置和之前一样,之前很多页,现在只有一半页数。知道原因吗

star7th commented 3 years ago

我很难凭空猜是什么原因。不知道是不是中途有错误。另外你试下文档使用正常不。我无法重现的问题我可能解决不了。

charlie2009 notifications@github.com 于2021年1月15日周五 下午1:31写道:

重新部署showdoc系统后,设置从AD绑定LDAP,但是没有全部把用户同步下来就不同步了,怎么办,ldap配置和之前一样,之前很多页,现在只有一半页数。知道原因吗

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760656403, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLRTGQNWU4BISEJAF5DSZ7HMPANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

会不会sqlite数据库字段限制同步用户的数量或者需要等很久同步完用户信息才能操作文档及用户登录,已同步的童虎可以登录

star7th commented 3 years ago

那点数据量应该不会到达sqlite的瓶颈。php本身有内存和执行时间限制不知道会不会是这个。你在设置那里再点击一次保存,它会重新根据配置同步ladp。看看有没有效果。如果还是中断,则再尝试并看看此时中断返回的提示信息是什么

charlie2009 notifications@github.com 于2021年1月15日周五 下午2:57写道:

会不会sqlite数据库字段限制同步用户的数量或者需要等很久同步完用户信息才能操作文档及用户登录,已同步的童虎可以登录

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760694663, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLQM2M2T7ORZKL3WLRLSZ7RL5ANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

咱们showdoc能改logo吗,在什么路径下替换哪个文件?

star7th commented 3 years ago

不能改。版权来的。

charlie2009 notifications@github.com 于2021年1月15日周五 下午6:48写道:

咱们showdoc能改logo吗,在什么路径下替换哪个文件?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/star7th/showdoc/issues/1222#issuecomment-760845012, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAQZHLRADMNS6FHF2M4SFYLS2AMRLANCNFSM4WB35XOQ .

charlie2009 commented 3 years ago

好的

star7th commented 3 years ago

有人反馈了个问题。在这个问题的后面,有人指出可能是ldap本身有数量返回限制,所以导致只能同步一部分用户。 https://github.com/star7th/showdoc/issues/1242