allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [05/11] git commit: [#7388] add logging to help debug LDAP config
Date Fri, 23 May 2014 17:54:58 GMT
[#7388] add logging to help debug LDAP config


Project: http://git-wip-us.apache.org/repos/asf/allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/allura/commit/526864d6
Tree: http://git-wip-us.apache.org/repos/asf/allura/tree/526864d6
Diff: http://git-wip-us.apache.org/repos/asf/allura/diff/526864d6

Branch: refs/heads/master
Commit: 526864d61a6e8f68da80e23ca00ba90b91f204e2
Parents: a6baa40
Author: Dave Brondsema <dbrondsema@slashdotmedia.com>
Authored: Fri May 23 17:51:53 2014 +0000
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Fri May 23 17:53:45 2014 +0000

----------------------------------------------------------------------
 Allura/allura/controllers/auth.py | 2 ++
 Allura/allura/lib/plugin.py       | 4 ++++
 Allura/development.ini            | 2 ++
 3 files changed, 8 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/allura/blob/526864d6/Allura/allura/controllers/auth.py
----------------------------------------------------------------------
diff --git a/Allura/allura/controllers/auth.py b/Allura/allura/controllers/auth.py
index 47857f4..a0d1848 100644
--- a/Allura/allura/controllers/auth.py
+++ b/Allura/allura/controllers/auth.py
@@ -120,11 +120,13 @@ class AuthController(BaseController):
         user_record = M.User.query.find(
             {'tool_data.AuthPasswordReset.hash': hash}).first()
         if not user_record:
+            log.info('Reset hash not found: {}'.format(hash))
             flash('Unable to process reset, please try again')
             redirect(login_url)
         hash_expiry = user_record.get_tool_data(
             'AuthPasswordReset', 'hash_expiry')
         if not hash_expiry or hash_expiry < datetime.datetime.utcnow():
+            log.info('Reset hash expired: {} {}'.format(hash, hash_expiry))
             flash('Unable to process reset, please try again')
             redirect(login_url)
         return user_record

http://git-wip-us.apache.org/repos/asf/allura/blob/526864d6/Allura/allura/lib/plugin.py
----------------------------------------------------------------------
diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py
index 5846845..fcc3aea 100644
--- a/Allura/allura/lib/plugin.py
+++ b/Allura/allura/lib/plugin.py
@@ -391,10 +391,13 @@ class LdapAuthenticationProvider(AuthenticationProvider):
             raise exc.HTTPUnauthorized()
 
     def _login(self):
+        if ldap is None:
+            raise Exception('The python-ldap package needs to be installed.  Run `pip install
python-ldap` in your allura environment.')
         from allura import model as M
         user = M.User.query.get(
             username=self.request.params['username'], disabled=False)
         if user is None:
+            log.debug('LdapAuth: no active user {} found in local mongo, not checking LDAP'.format(self.request.params['username']))
             raise exc.HTTPUnauthorized()
         try:
             dn = 'uid=%s,%s' % (
@@ -404,6 +407,7 @@ class LdapAuthenticationProvider(AuthenticationProvider):
             con.bind_s(dn, self.request.params['password'])
             con.unbind_s()
         except (ldap.INVALID_CREDENTIALS, ldap.UNWILLING_TO_PERFORM):
+            log.debug('LdapAuth: could not authenticate {}'.format(user.username), exc_info=True)
             raise exc.HTTPUnauthorized()
         return user
 

http://git-wip-us.apache.org/repos/asf/allura/blob/526864d6/Allura/development.ini
----------------------------------------------------------------------
diff --git a/Allura/development.ini b/Allura/development.ini
index a792d44..f3e2b0c 100644
--- a/Allura/development.ini
+++ b/Allura/development.ini
@@ -81,6 +81,8 @@ auth.method = local
 # auth.logout_url = /auth/logout
 # auth.login_fragment_url = /auth/login_fragment
 
+# if using LDAP, also run `pip install python-ldap` in your Allura environment
+
 auth.ldap.server = ldap://localhost
 auth.ldap.suffix = ou=people,dc=localdomain
 auth.ldap.admin_dn = cn=admin,dc=localdomain


Mime
View raw message