[one-users] Problem with ldap authentication
Carlos A.
caralla at upv.es
Mon Jun 20 03:45:06 PDT 2011
The problem is that in the original one_auth_mad.rb, the code is fine
(is distinct than the one distributed in the ldap authentication addon).
When I install the ldap addon, the resulting one_auth_mad.rb is the one
that I was dealing with.
(from the ONE bundle directory just uncompressed)
$ diff ./src/authm_mad/one_auth_mad.rb
../one/tmp/ldap-2.2.0/src/one_auth_mad.rb
(... license ...)
34a37
> require 'ldap_auth'
59c62
< @authenticate=driver.new
---
> @authenticate=driver.new(@config)
65c68
< @authenticate=SimpleAuth.new
---
> @authenticate=SimpleAuth.new(@config)
79c82
< request_id, 'Successfully authenticated')
---
> request_id, user, token)
87,92c90
< begin
< auth=@permissions.auth(user_id, tokens.flatten)
< rescue Exception => e
< auth="Error: #{e}"
< end
<
---
> auth=@permissions.auth(user_id, tokens.flatten)
103,108d100
< begin
< am=AuthorizationManager.new
< rescue Exception => e
< puts "Error: #{e}"
< exit(-1)
< end
109a102
> am=AuthorizationManager.new
-----------------------------
You can notice that the line
request_id, 'Successfully authenticated')
has been substituted by the faulty line in the ldap addon
request_id, user, token)
Regards,
Carlos A.
El 20/06/11 12:14, Tino Vazquez escribió:
> Hi Carlos,
>
> I am not able to find the code you are referring to, which version of
> OpenNebula are you using?
>
> Regards,
>
> -Tino
>
> --
> Constantino Vázquez Blanco, MSc
> OpenNebula Major Contributor
> www.OpenNebula.org <http://www.OpenNebula.org> | @tinova79
>
>
> On Thu, Jun 16, 2011 at 5:15 PM, Carlos A. <caralla at upv.es
> <mailto:caralla at upv.es>> wrote:
>
> Hello,
>
> I have finally got it:
>
> I have found 1 error in lib/mads/one_auth_mad.rb
>
> ...
> def action_authenticate(request_id, user_id, user, password,
> token)
> auth=@authenticate.auth <mailto:auth=@authenticate.auth>(user_id,
> user, password, token)
> if auth==true
> send_message('AUTHENTICATE', RESULT[:success],
> request_id, user, token)
> else
> send_message('AUTHENTICATE', RESULT[:failure],
> request_id, auth)
> end
> end
> ...
>
> the problem is the line
> send_message('AUTHENTICATE', RESULT[:success],
> request_id, user, token)
>
> where there are 5 parameters while send_message needs only 4. If I
> leave these 5 parameters, one fails and the one daemon dies, but
> when I remove the last one (token), it works both for simple and
> ldap authentication.
>
> Neither simple or ldap were working before because of the
> exception of the "send_message" function.
>
> The code that I am using (it works for me) is:
>
> ...
> def action_authenticate(request_id, user_id, user, password,
> token)
> auth=@authenticate.auth <mailto:auth=@authenticate.auth>(user_id,
> user, password, token)
> if auth==true
> send_message('AUTHENTICATE', RESULT[:success],
> request_id, user)
> else
> send_message('AUTHENTICATE', RESULT[:failure],
> request_id, auth)
> end
> end
> ...
>
> Regards,
> Carlos A.
>
>
>
> El 16/06/11 13:11, Tino Vazquez escribió:
>> Hi Carlos,
>>
>> Let's try the driver by hand again, but also with the
>> authentication part:
>>
>> # ruby -dw $ONE_LOCATION/lib/mads/one_auth_mad.rb
>> AUTHENTICATE 0 -1 <LDAP_DN> - <LDAP_DN:plain:LDAP_PASSWORD>
>>
>> this will tell if the failure is in the driver or the core.
>>
>> Regards,
>>
>> -Tino
>>
>> --
>> Constantino Vázquez Blanco, MSc
>> OpenNebula Major Contributor
>> www.OpenNebula.org <http://www.OpenNebula.org> | @tinova79
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20110620/63545b99/attachment-0003.htm>
More information about the Users
mailing list