Successful LDAP query still reporting Invalid login. Please try again...

Thu, 06 May 2021 14:58:39 -0700 

Hi users@,
Running Airflow 2.0.2 locally attempting to debug this issue.
We have configured webserver_config.py as follows

from flask_appbuilder.security.manager import AUTH_LDAP
import os
WTF_CSRF_ENABLED = True
AUTH_TYPE = AUTH_LDAP
AUTH_ROLE_ADMIN = "Admin"
AUTH_USER_REGISTRATION = False
AUTH_USER_REGISTRATION_ROLE = "Admin"
AUTH_LDAP_SERVER = "ldaps://...:636"
AUTH_LDAP_SEARCH = "ou=personnel,dc=dir,dc=...,dc=...,dc=..."
AUTH_LDAP_BIND_USER = 
"uid={},ou=applications,dc=dir,dc=...,dc=...,dc=...".format(os.environ.get("AUTH_LDAP_APPLICATION_BIND_USER"))
AUTH_LDAP_BIND_PASSWORD = os.environ.get("AUTH_LDAP_APPLICATION_BIND_PASSWORD")
AUTH_LDAP_UID_FIELD = "uid"
AUTH_LDAP_USE_TLS = False
AUTH_LDAP_ALLOW_SELF_SIGNED = False

This results in the following LDAP log which indicates that the query was 
executed successfully.

[06/May/2021:13:50:13 -0700] conn=17284339 op=-1 msgId=-1 - fd=212 slot=212 
LDAPS connection from ....254.239:60821 to ....125.253
[06/May/2021:13:50:13 -0700] conn=17284339 op=0 msgId=1 - BIND 
dn="uid=jsearch-airflow-sa,ou=applications,dc=dir,dc=...,dc=...,dc=..." 
method=128 version=3
[06/May/2021:13:50:13 -0700] conn=17284339 op=0 msgId=1 - RESULT err=0 tag=97 
nentries=0 etime=0 
dn="uid=jsearch-airflow-sa,ou=applications,dc=dir,dc=...,dc=...,dc=..."
[06/May/2021:13:50:14 -0700] conn=17284339 op=1 msgId=2 - SRCH 
base="ou=personnel,dc=dir,dc=...,dc=...,dc=..." scope=2 filter="(uid=ech...)" 
attrs="givenName sn mail"
[06/May/2021:13:50:14 -0700] conn=17284339 op=1 msgId=2 - RESULT err=0 tag=101 
nentries=1 etime=0
[06/May/2021:13:50:14 -0700] conn=17284339 op=2 msgId=3 - BIND 
dn="uid=echiu,ou=personnel,dc=dir,dc=...,dc=...,dc=..." method=128 version=3
[06/May/2021:13:50:14 -0700] conn=17284339 op=2 msgId=3 - RESULT err=0 tag=97 
nentries=0 etime=0 dn="uid=ech...,ou=personnel,dc=dir,dc=...,dc=...,dc=..."
[06/May/2021:13:50:14 -0700] conn=17284339 op=3 msgId=4 - UNBIND
[06/May/2021:13:50:14 -0700] conn=17284339 op=3 msgId=-1 - closing from 
....254.239:60821 - U1 - Connection closed by unbind client -
[06/May/2021:13:50:14 -0700] conn=17284339 op=-1 msgId=-1 - closed.

However this does not result in a successful user login within the Airflow 
weberver and the UI reflects "Invalid login. Please try again."

The webserver log reflects the following

Request URL: http://localhost:8080/login/
Request Method: POST
Status Code: 302 FOUND
Remote Address: 127.0.0.1:8080
Referrer Policy: strict-origin-when-cross-origin

Does anyone have any idea what is going on here?
Thank you

lewismc

Reply via email to