Issue #348: InvalidRequestError when connecting with LDAP
| Reported by: | Samuel Delisle |
| State: | resolved |
| Created on: | 2019-10-23 04:01 |
| Updated on: | 2019-10-23 16:49 |
Description
After upgrading from 0.3.3 to 0.4.1, I get an InvalidRequestError when trying to login. The error output is this:
InvalidRequestError: This Session's transaction has been rolled back due to a previous exception during flush. To begin a new transaction with this Session, first issue Session.roll). Original exception was: (raised as a result of Query-invoked autoflush; consider using a session.no_autoflush block if this flush is occurring prematurely) (sqlite3.ProgrammingError) You must not use 8-bit bytestrings unless you use a text_factory that can interpret 8-bit bytestrings (like text_factory = str). It is highly recommended that you instead just switc your application to Unicode strings. [SQL: u'UPDATE users SET password=?, extern_name=? WHERE users.user_id = ?'] [parameters: ('*************', 'CN=*******,OU=D\xc3\xa9veloppement,OU=*********, DC=*****,DC=*****', 3)] (Background on this error at: http://sqlalche.me/e/f405)
The error seems to be caused by the non-ascii character in the first OU, which should be “Développement”. Login works fine with another user that is not part of that particular group.
I guess a workaround would be to have IT change the name of that group (and possibly several others), but they probably won’t like me…
Some other information:
- Ubuntu 16.04.6 LTS
- Installed Kallithea with a virtualenv
- pip freeze:
alembic==1.0.11 amqp==1.4.9 anyjson==0.3.3 Babel==2.6.0 backlash==0.1.4 bcrypt==3.1.7 Beaker==1.11.0 billiard==3.3.0.23 bleach==3.0.2 celery==3.1.26.post2 certifi==2019.9.11 cffi==1.13.1 Click==7.0 crank==0.8.1 decorator==4.3.2 docutils==0.14 dulwich==0.19.13 FormEncode==1.3.1 funcsigs==1.0.2 gearbox==0.2.0 hupper==1.9 Kallithea==0.4.1 kombu==3.0.37 Mako==1.0.14 Markdown==2.6.11 MarkupSafe==1.1.1 mercurial==4.9.1 Paste==3.0.8 PasteDeploy==2.0.1 psycopg2==2.8.4 pyasn1==0.4.7 pyasn1-modules==0.2.7 pycparser==2.19 Pygments==2.2.0 python-dateutil==2.7.5 python-editor==1.0.4 python-ldap==3.2.0 pytz==2019.3 rabbitmq==0.2.0 repoze.lru==0.7 Routes==1.13 six==1.12.0 SQLAlchemy==1.2.19 Tempita==0.5.2 tgext.routes==0.2.0 TurboGears2==2.3.12 urllib3==1.25.6 URLObject==2.4.3 waitress==1.1.0 webencodings==0.5.1 WebHelpers==1.3 WebOb==1.7.4 Whoosh==2.7.4
- This whole traceback is also printed just before the error message posted above:
Traceback (most recent call last):
File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/wsgiapp.py", line 120, in __call__
response = self.wrapped_dispatch(controller, environ, context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/errorpage.py", line 90, in __call__
resp = self.next_handler(controller, environ, context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/caching.py", line 54, in __call__
return self.next_handler(controller, environ, context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/session.py", line 71, in __call__
response = self.next_handler(controller, environ, context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/i18n.py", line 71, in __call__
return self.next_handler(controller, environ, context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/wsgiapp.py", line 285, in _dispatch
return controller(environ, context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/base.py", line 527, in __call__
session.get('authuser'),
File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/base.py", line 458, in _determine_auth_user
for plugin in auth_modules.get_auth_plugins()
File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/auth_modules/__init__.py", line 321, in get_auth_plugins
for plugin_name in Setting.get_by_name("auth_plugins").app_settings_value:
File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/model/db.py", line 249, in get_by_name
.filter(cls.app_settings_name == key).scalar()
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3069, in scalar
ret = self.one()
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3039, in one
ret = self.one_or_none()
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3008, in one_or_none
ret = list(self)
File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/caching_query.py", line 81, in __iter__
return Query.__iter__(self)
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3081, in __iter__
return self._execute_and_instances(context)
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3103, in _execute_and_instances
querycontext, self._connection_from_session, close_with_result=True
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3111, in _get_bind_args
mapper=self._bind_mapper(), clause=querycontext.statement, **kw
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3096, in _connection_from_session
conn = self.session.connection(**kw)
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 1120, in connection
execution_options=execution_options,
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 1126, in _connection_for_bind
engine, execution_options
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 401, in _connection_for_bind
self._assert_active()
File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 288, in _assert_active
% self._rollback_exception
Attachments
Comments
Comment by Samuel Delisle, on 2019-10-23 04:03
Comment by Mads Kiilerich, on 2019-10-23 09:37
That seems similar to https://kallithea-scm.org/repos/kallithea/changeset/1943c6f00cd8c1c110ecbf7bccdedde997ba20de?at=stable - fixed on the stable branch where it could become 0.4.2 . Can you try that fix - perhaps by just editing the file directly.
Comment by Samuel Delisle, on 2019-10-23 15:10
YES! That works, thank you!
Comment by Samuel Delisle, on 2019-10-23 16:49