<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">I'm not familiar with supervisord. I
would expect the print output to show up in your stdout_logfile
... but only after a restart of supervisord (or your Kallithea
service).</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Do you see other output in the log?
What?</div>
<div class="moz-cite-prefix">Perhaps instead try <br>
</div>
<div class="moz-cite-prefix">log.error('Got ldap DN response %s:
%r', user_dn, ldap_attrs)</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">Perhaps also try temporarily running
gearbox in the foreground as the Kallithea user, just for testing.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">(Others with a working AD/LDAP setup
can perhaps also help out testing.)</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">/Mads</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 3/5/20 5:41 PM, Reuben Popp wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAB-aZK8Dv=u7+7du5ANQfh=XnjG=KRaDBmb62CRfqQOQUjNa3A@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Okay, so I added that line, along with an
additional line above it to print my name as a placeholder, but
I'm not seeing this in the stdout file (I'm running kallithea
using supervisord). Is there something else I need to do or add
to my.ini?<br>
<br>
Thanks again</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Thu, Mar 5, 2020 at 9:48 AM
Mads Kiilerich <<a href="mailto:mads@kiilerich.com"
moz-do-not-send="true">mads@kiilerich.com</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div>
<div>On 3/5/20 4:29 PM, Reuben Popp wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Good morning Mads (or afternoon as the case
may be where you're at).<br>
<br>
My apologies that the report was so sparse. When I
wrote it, I was neck deep in the middle of trying to get
things set up for our architects to trial Kallithea.<br>
<br>
Yes, this was the default branch downloaded from the
bitbucket mirror on February 25th.<br>
<br>
My original report and fix were incorrect. With it in
place, what I noticed was that while an Active Directory
account could log in, it would prevent me from logging
in using the (local) kallithea admin account. My best
guess here, being a relatively new python noob is that
in the case of the kallithea admin account, the email
was a string literal, which would then fail because
there was no decode() method. On the other hand, it
would work for a byte string such as that coming from
AD.<br>
<br>
That said, the following works for both AD and the local
kallithea account:<br>
<br>
<p class="MsoNormal">--- lib/helpers.py 2020-02-25
11:18:44.000000000 -0600</p>
<p class="MsoNormal">+++ lib/helpers.py.new 2020-03-05
09:11:30.394700849 -0600</p>
<p class="MsoNormal">@@ -951,6 +951,9 @@</p>
<p class="MsoNormal"> if email_address == _def:</p>
<p class="MsoNormal"> return default</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">+ if isinstance(email_address,
bytes):</p>
<p class="MsoNormal">+ email_address =
email_address.decode('utf-8')</p>
<p class="MsoNormal">+</p>
<p class="MsoNormal"> parsed_url =
urllib.parse.urlparse(url.current(qualified=True))</p>
<p class="MsoNormal"> url = (c.visual.gravatar_url
or User.DEFAULT_GRAVATAR_URL) \</p>
<p class="MsoNormal"> .replace('{email}',
email_address) \</p>
<br>
One thing of note though, and I think this is a deeper
issue, as you said, and that's when I look at any AD
user account in kallithea, each field (eg, first, last,
etc) is enclosed in the byte (?) field delimiter. eg:
b'Reuben' b'Popp'<br>
</div>
</blockquote>
<p><br>
</p>
<p>Yes, the problem seems to be that values retrieved from
LDAP are byte encoded. They should be decoded in
auth_ldap. But probably only some of the values. I would
thus still need</p>
<p><br>
</p>
<blockquote type="cite"><br>
<div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px
0px 0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex"> Can you try this
and report back when it prints out when you log in <br>
using AD/LDAP?<br>
<br>
--- kallithea/lib/auth_modules/auth_ldap.py<br>
+++ kallithea/lib/auth_modules/auth_ldap.py<br>
@@ -326,6 +326,7 @@ class
KallitheaAuthPlugin(auth_modules.K<br>
aldap = AuthLdap(**kwargs)<br>
(user_dn, ldap_attrs) =
aldap.authenticate_ldap(username, <br>
password)<br>
log.debug('Got ldap DN response %s',
user_dn)<br>
+ print(ldap_attrs)<br>
<br>
def get_ldap_attr(k):<br>
return
ldap_attrs.get(settings.get(k), [''])[0]<br>
<br>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
<p>/Mads</p>
<br>
</div>
</blockquote>
</div>
</blockquote>
<p><br>
</p>
</body>
</html>