[one-users] Problem with ldap authentication

Carlos A. caralla at upv.es
Mon Jun 20 03:45:06 PDT 2011


The problem is that in the original one_auth_mad.rb, the code is fine 
(is distinct than the one distributed in the ldap authentication addon).

When I install the ldap addon, the resulting one_auth_mad.rb is the one 
that I was dealing with.

(from the ONE bundle directory just uncompressed)
$ diff ./src/authm_mad/one_auth_mad.rb 
../one/tmp/ldap-2.2.0/src/one_auth_mad.rb
(... license ...)
34a37
 > require 'ldap_auth'
59c62
<             @authenticate=driver.new
---
 >             @authenticate=driver.new(@config)
65c68
<             @authenticate=SimpleAuth.new
---
 >             @authenticate=SimpleAuth.new(@config)
79c82
<                 request_id, 'Successfully authenticated')
---
 >                 request_id, user, token)
87,92c90
<         begin
<             auth=@permissions.auth(user_id, tokens.flatten)
<         rescue Exception => e
<             auth="Error: #{e}"
<         end
<
---
 >         auth=@permissions.auth(user_id, tokens.flatten)
103,108d100
< begin
<     am=AuthorizationManager.new
< rescue Exception => e
<     puts "Error: #{e}"
<     exit(-1)
< end
109a102
 > am=AuthorizationManager.new

-----------------------------

You can notice that the line

request_id, 'Successfully authenticated')

has been substituted by the faulty line in the ldap addon

request_id, user, token)

Regards,
Carlos A.


El 20/06/11 12:14, Tino Vazquez escribió:
> Hi Carlos,
>
> I am not able to find the code you are referring to, which version of 
> OpenNebula are you using?
>
> Regards,
>
> -Tino
>
> --
> Constantino Vázquez Blanco, MSc
> OpenNebula Major Contributor
> www.OpenNebula.org <http://www.OpenNebula.org> | @tinova79
>
>
> On Thu, Jun 16, 2011 at 5:15 PM, Carlos A. <caralla at upv.es 
> <mailto:caralla at upv.es>> wrote:
>
>     Hello,
>
>     I have finally got it:
>
>     I have found 1 error in lib/mads/one_auth_mad.rb
>
>     ...
>         def action_authenticate(request_id, user_id, user, password,
>     token)
>     auth=@authenticate.auth <mailto:auth=@authenticate.auth>(user_id,
>     user, password, token)
>             if auth==true
>                 send_message('AUTHENTICATE', RESULT[:success],
>     request_id, user, token)
>             else
>                 send_message('AUTHENTICATE', RESULT[:failure],
>                     request_id, auth)
>             end
>         end
>     ...
>
>     the problem is the line
>                 send_message('AUTHENTICATE', RESULT[:success],
>     request_id, user, token)
>
>     where there are 5 parameters while send_message needs only 4. If I
>     leave these 5 parameters, one fails and the one daemon dies, but
>     when I remove the last one (token), it works both for simple and
>     ldap authentication.
>
>     Neither simple or ldap were working before because of the
>     exception of the "send_message" function.
>
>     The code that I am using (it works for me) is:
>
>     ...
>         def action_authenticate(request_id, user_id, user, password,
>     token)
>     auth=@authenticate.auth <mailto:auth=@authenticate.auth>(user_id,
>     user, password, token)
>             if auth==true
>                 send_message('AUTHENTICATE', RESULT[:success],
>     request_id, user)
>             else
>                 send_message('AUTHENTICATE', RESULT[:failure],
>     request_id, auth)
>             end
>         end
>     ...
>
>     Regards,
>     Carlos A.
>
>
>
>     El 16/06/11 13:11, Tino Vazquez escribió:
>>     Hi Carlos,
>>
>>     Let's try the driver by hand again, but also with the
>>     authentication part:
>>
>>     # ruby -dw $ONE_LOCATION/lib/mads/one_auth_mad.rb
>>     AUTHENTICATE 0 -1 <LDAP_DN> - <LDAP_DN:plain:LDAP_PASSWORD>
>>
>>     this will tell if the failure is in the driver or the core.
>>
>>     Regards,
>>
>>     -Tino
>>
>>     --
>>     Constantino Vázquez Blanco, MSc
>>     OpenNebula Major Contributor
>>     www.OpenNebula.org <http://www.OpenNebula.org> | @tinova79
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20110620/63545b99/attachment-0003.htm>


More information about the Users mailing list