[rt-users] Error with RT::Authen::ExtenalAuth against Active Directory W2k3

Max León mleon at wirewatchers.com
Thu Mar 26 16:48:23 EDT 2009


Hi again,
I have an odd situation still.
I made the mistake to claim victory before further testing, and here I am.
I can connect with the same user from the AD that I was testing before but
any new one gives me this error on the browser:

Can't locate object method "host" via package "URI::_generic" at
/opt/rt3/bin/../lib/RT/Interface/Web.pm line 190.
Which takes me to this sub routine:
sub Redirect {
    my $redir_to = shift;
    untie $HTML::Mason::Commands::session;
    my $uri = URI->new($redir_to);
    my $server_uri = URI->new( RT->Config->Get('WebURL') );

    # If the user is coming in via a non-canonical
    # hostname, don't redirect them to the canonical host,
    # it will just upset them (and invalidate their credentials)
    # don't do this if $RT::CanoniaclRedirectURLs is true
    if (   !RT->Config->Get('CanonicalizeRedirectURLs')   <-- THIS IS THE
LINE OF THE ERROR
        && $uri->host eq $server_uri->host
        && $uri->port eq $server_uri->port )
    {
        if ( defined $ENV{HTTPS} and $ENV{'HTTPS'} eq 'on' ) {
            $uri->scheme('https');
        }
        else {
            $uri->scheme('http');
        }

        # [rt3.fsck.com #12716] Apache recommends use of $SERVER_HOST
        $uri->host( $ENV{'SERVER_HOST'} || $ENV{'HTTP_HOST'} );
        $uri->port( $ENV{'SERVER_PORT'} );
    }


While on the RT log I can see this:

[Thu Mar 26 20:35:31 2009] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)

[Thu Mar 26 20:35:31 2009] [debug]: Calling UserExists with $username
(evol.johnson) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)

[Thu Mar 26 20:35:31 2009] [debug]: UserExists
params:

username: evol.johnson , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)

[Thu Mar 26 20:35:31 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=*)(sAMAccountName=evol.johnson)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)

[Thu Mar 26 20:35:31 2009] [debug]: Password validation required for service
- Executing...
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:155)

[Thu Mar 26 20:35:31 2009] [debug]: Trying external auth service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:16)

[Thu Mar 26 20:35:31 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(sAMAccountName=evol.johnson)(objectClass=*)) == Attrs: dn
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:43)

[Thu Mar 26 20:35:31 2009] [debug]: Found LDAP DN: CN=Evol
Johnson,CN=Users,DC=cr,DC=digitalarbor,DC=com
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:75)

[Thu Mar 26 20:35:31 2009] [info]: My_LDAP AUTH FAILED evol.johnson (can't
bind: LDAP_INVALID_CREDENTIALS 49 )
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:82)

[Thu Mar 26 20:35:31 2009] [debug]: LDAP password validation result: 0
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:334)

[Thu Mar 26 20:35:31 2009] [debug]: Password Validation Check Result:  0
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:159)

[Thu Mar 26 20:35:31 2009] [debug]: Autohandler called ExternalAuth.
Response: (0, Password Invalid)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:26)

[Thu Mar 26 20:35:31 2009] [error]: FAILED LOGIN for evol.johnson from
192.168.0.71 (/opt/rt3/share/html/autohandler:268)
[Thu Mar 26 20:35:40 2009] [debug]: Attempting to use external auth service:
My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:64)

[Thu Mar 26 20:35:40 2009] [debug]: Calling UserExists with $username
(evol.johnson) and $service (My_LDAP)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:105)

[Thu Mar 26 20:35:40 2009] [debug]: UserExists
params:

username: evol.johnson , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)

[Thu Mar 26 20:35:40 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=*)(sAMAccountName=evol.johnson)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)

[Thu Mar 26 20:35:40 2009] [debug]: Password validation required for service
- Executing...
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:155)

[Thu Mar 26 20:35:40 2009] [debug]: Trying external auth service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:16)

[Thu Mar 26 20:35:40 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(sAMAccountName=evol.johnson)(objectClass=*)) == Attrs: dn
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:43)

[Thu Mar 26 20:35:40 2009] [debug]: Found LDAP DN: CN=Evol
Johnson,CN=Users,DC=cr,DC=digitalarbor,DC=com
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:75)

[Thu Mar 26 20:35:40 2009] [info]: RT::Authen::ExternalAuth::LDAP::GetAuth
External Auth OK ( My_LDAP ): evol.johnson
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:139)

[Thu Mar 26 20:35:40 2009] [debug]: LDAP password validation result: 1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:334)

[Thu Mar 26 20:35:40 2009] [debug]: Password Validation Check Result:  1
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:159)

[Thu Mar 26 20:35:40 2009] [debug]: Authentication successful. Now updating
user information and attempting login.
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:179)

[Thu Mar 26 20:35:40 2009] [debug]: UserExists
params:

username: evol.johnson , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)

[Thu Mar 26 20:35:40 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=*)(sAMAccountName=evol.johnson)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)

[Thu Mar 26 20:35:40 2009] [debug]: UserExists
params:

username: evol.johnson , service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:274)
[Thu Mar 26 20:35:40 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=*)(sAMAccountName=evol.johnson)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:304)
[Thu Mar 26 20:35:40 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=*)(objectClass=nomatch)(sAMAccountName=evol.johnson)) ==
Attrs: uid
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:398)
[Thu Mar 26 20:35:40 2009] [info]: User marked as ENABLED ( evol.johnson )
per External Service (0, That is already the current value)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:274)
[Thu Mar 26 20:35:40 2009] [debug]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo called by RT::User
/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/User_Vendor.pm 20 with:
Name: evol.johnson
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:450)
[Thu Mar 26 20:35:40 2009] [debug]: Attempting to get user info using this
external service: My_LDAP
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:458)
[Thu Mar 26 20:35:40 2009] [debug]: Attempting to use this canonicalization
key: Name
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:472)
[Thu Mar 26 20:35:40 2009] [debug]: LDAP Search ===  Base:
cn=users,dc=cr,dc=digitalarbor,dc=com == Filter:
(&(objectClass=*)(sAMAccountName=evol.johnson)) == Attrs:
l,cn,st,mail,sAMAccountName,co,streetAddress,postalCode,telephoneNumber,sAMAccountName,physicalDeliveryOfficeName,sAMAccountName
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm:195)
[Thu Mar 26 20:35:40 2009] [info]:
RT::Authen::ExternalAuth::CanonicalizeUserInfo returning Address1: , City: ,
Country: , EmailAddress: , ExternalAuthId: evol.johnson, Gecos:
evol.johnson, Name: evol.johnson, Organization: , RealName: Evol
Johnson,State: , WorkPhone: , Zip:
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:536)
[Thu Mar 26 20:35:40 2009] [debug]: UPDATED user ( evol.johnson ) from
External Service
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:307)
[Thu Mar 26 20:35:40 2009] [info]: Successful login for evol.johnson from
192.168.0.71
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:219)
[Thu Mar 26 20:35:40 2009] [debug]: Autohandler called ExternalAuth.
Response: (1, Successful login)
(/opt/rt3/local/plugins/RT-Authen-ExternalAuth/html/Callbacks/ExternalAuth/autohandler/Auth:26)


I'm not a coder so I cannot make much about this problem since I don't
understand what is the root of it.

Thanks again.


On Thu, Mar 26, 2009 at 2:22 PM, Max León <mleon at wirewatchers.com> wrote:

> Thanks so much Nick.
> That indeed did the trick and I have it ready.
> Thanks for the clarification as well.
>
>
> On Thu, Mar 26, 2009 at 11:37 AM, Nick Kartsioukas <
> change+lists.rt at nightwind.net <change%2Blists.rt at nightwind.net>> wrote:
>
>> On Thu, 26 Mar 2009 11:32:53 -0600, "Max León" <mleon at wirewatchers.com>
>> said:
>> > Now, I did what you asked me to and well, that the error went away but I
>> > have a new one.
>> > Here it is what the browser displays:
>> > Can't call method "as_string" on an undefined value at
>> >
>> /opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm
>> > line 398, line 514.
>>
>> Ensure that you have valid LDAP search parameters defined for 'base',
>> 'filter', and 'd_filter'.  In my configuration, I don't need to narrow
>> down the search any more than what I defined in my LDAP search base, so
>> I set 'filter' to '(objectClass=*)' and 'd_filter' to
>> '(objectClass=ThisWillNeverMatch)'.
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090326/7955c186/attachment.htm>


More information about the rt-users mailing list