[Yahoo-eng-team] [Bug 1545960] [NEW] authenticating with ldap user fails due to notification

Steve Martinelli Mon, 15 Feb 2016 23:51:07 -0800

Public bug reported:

I setup a non-default domain with an LDAP backend, with emails as
usernames. This caused ldap user authentication to fail:


2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: 
url=ldap://bluepages.ibm.com 2016-02-16 02:49:48.311 
_common_ldap_initialization /opt/stack/keystone/keystone/common/ldap/core.py:579
2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: use_tls=False 
tls_cacertfile=None tls_cacertdir=None tls_req_cert=2 tls_avail=1 2016-02-16 
02:49:48.311 _common_ldap_initialization 
/opt/stack/keystone/keystone/common/ldap/core.py:583
2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP search: 
base=ou=bluepages,o=ibm.com scope=2 
filterstr=(&(mail=steve...@ca.ibm.com)(objectClass=ibmPerson)(uid=*)) 
attrs=['mail', 'userPassword', 'enabled', 'uid'] attrsonly=0 2016-02-16 
02:49:48.311 search_s /opt/stack/keystone/keystone/common/ldap/core.py:938
2016-02-16 02:49:48.418 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP unbind 2016-02-16 
02:49:48.418 unbind_s /opt/stack/keystone/keystone/common/ldap/core.py:911
2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] ID Mapping - Domain ID: 
f661d8c0c14848f5909cf5229a473377, Default Driver: False, Domains: False, UUIDs: 
False, Compatible IDs: True 2016-02-16 02:49:48.420 _set_domain_id_and_mapping 
/opt/stack/keystone/keystone/identity/core.py:577
2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Local ID: 011918649 
2016-02-16 02:49:48.420 _set_domain_id_and_mapping_for_single_ref 
/opt/stack/keystone/keystone/identity/core.py:595
2016-02-16 02:49:48.425 18101 DEBUG keystone.identity.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Found existing mapping to 
public ID: 2165702f085e15ff59308d8723df016d75fdd07e9af527a881b87812278e5068 
2016-02-16 02:49:48.425 _set_domain_id_and_mapping_for_single_ref 
/opt/stack/keystone/keystone/identity/core.py:608

2016-02-16 02:32:22.650 17136 ERROR keystone.common.wsgi 
[req-0fb5bb7b-2ba1-4ced-a814-71bd53939d46 - - - - -] 'ascii' codec can't decode 
byte 0xec in position 2: ordinal not in range(128)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi Traceback (most recent 
call last):
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/common/wsgi.py", line 247, in __call__
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     result = 
method(context, **params)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/auth/controllers.py", line 396, in 
authenticate_for_token
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     
self.authenticate(context, auth_info, auth_context)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/auth/controllers.py", line 520, in authenticate
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     auth_context)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/auth/plugins/password.py", line 36, in 
authenticate
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     
password=user_info.password)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/common/manager.py", line 124, in wrapped
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     __ret_val = 
__f(*args, **kwargs)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/notifications.py", line 555, in wrapper
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     initiator = 
_get_request_audit_info(context, user_id)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/notifications.py", line 521, in 
_get_request_audit_info
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     initiator.id = 
utils.resource_uuid(user_id)
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/common/utils.py", line 60, in resource_uuid
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     return 
uuid.uuid5(RESOURCE_ID_NAMESPACE, value).hex
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/usr/lib/python2.7/uuid.py", line 567, in uuid5
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     hash = 
sha1(namespace.bytes + name).digest()
2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi UnicodeDecodeError: 
'ascii' codec can't decode byte 0xec in position 2: ordinal not in range(128)

** Affects: keystone
     Importance: High
     Assignee: Steve Martinelli (stevemar)
         Status: New

** Changed in: keystone
   Importance: Undecided => High

** Changed in: keystone
     Assignee: (unassigned) => Steve Martinelli (stevemar)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1545960

Title:
  authenticating with ldap user fails due to notification

Status in OpenStack Identity (keystone):
  New

Bug description:
  I setup a non-default domain with an LDAP backend, with emails as
  usernames. This caused ldap user authentication to fail:

  2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: 
url=ldap://bluepages.ibm.com 2016-02-16 02:49:48.311 
_common_ldap_initialization /opt/stack/keystone/keystone/common/ldap/core.py:579
  2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: use_tls=False 
tls_cacertfile=None tls_cacertdir=None tls_req_cert=2 tls_avail=1 2016-02-16 
02:49:48.311 _common_ldap_initialization 
/opt/stack/keystone/keystone/common/ldap/core.py:583
  2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP search: 
base=ou=bluepages,o=ibm.com scope=2 
filterstr=(&(mail=steve...@ca.ibm.com)(objectClass=ibmPerson)(uid=*)) 
attrs=['mail', 'userPassword', 'enabled', 'uid'] attrsonly=0 2016-02-16 
02:49:48.311 search_s /opt/stack/keystone/keystone/common/ldap/core.py:938
  2016-02-16 02:49:48.418 18101 DEBUG keystone.common.ldap.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP unbind 2016-02-16 
02:49:48.418 unbind_s /opt/stack/keystone/keystone/common/ldap/core.py:911
  2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] ID Mapping - Domain ID: 
f661d8c0c14848f5909cf5229a473377, Default Driver: False, Domains: False, UUIDs: 
False, Compatible IDs: True 2016-02-16 02:49:48.420 _set_domain_id_and_mapping 
/opt/stack/keystone/keystone/identity/core.py:577
  2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Local ID: 011918649 
2016-02-16 02:49:48.420 _set_domain_id_and_mapping_for_single_ref 
/opt/stack/keystone/keystone/identity/core.py:595
  2016-02-16 02:49:48.425 18101 DEBUG keystone.identity.core 
[req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Found existing mapping to 
public ID: 2165702f085e15ff59308d8723df016d75fdd07e9af527a881b87812278e5068 
2016-02-16 02:49:48.425 _set_domain_id_and_mapping_for_single_ref 
/opt/stack/keystone/keystone/identity/core.py:608

  2016-02-16 02:32:22.650 17136 ERROR keystone.common.wsgi 
[req-0fb5bb7b-2ba1-4ced-a814-71bd53939d46 - - - - -] 'ascii' codec can't decode 
byte 0xec in position 2: ordinal not in range(128)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi Traceback (most 
recent call last):
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/common/wsgi.py", line 247, in __call__
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     result = 
method(context, **params)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/auth/controllers.py", line 396, in 
authenticate_for_token
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     
self.authenticate(context, auth_info, auth_context)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/auth/controllers.py", line 520, in authenticate
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     auth_context)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/auth/plugins/password.py", line 36, in 
authenticate
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     
password=user_info.password)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/common/manager.py", line 124, in wrapped
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     __ret_val = 
__f(*args, **kwargs)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/notifications.py", line 555, in wrapper
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     initiator = 
_get_request_audit_info(context, user_id)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/notifications.py", line 521, in 
_get_request_audit_info
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     initiator.id = 
utils.resource_uuid(user_id)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/opt/stack/keystone/keystone/common/utils.py", line 60, in resource_uuid
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     return 
uuid.uuid5(RESOURCE_ID_NAMESPACE, value).hex
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File 
"/usr/lib/python2.7/uuid.py", line 567, in uuid5
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     hash = 
sha1(namespace.bytes + name).digest()
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi UnicodeDecodeError: 
'ascii' codec can't decode byte 0xec in position 2: ordinal not in range(128)

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1545960/+subscriptions

-- 
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to     : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help   : https://help.launchpad.net/ListHelp

[Yahoo-eng-team] [Bug 1545960] [NEW] authenticating with ldap user fails due to notification

Reply via email to