← Back to team overview

openstack team mailing list archive

  1. openstack team
  2. Mailing list archive
  3. Message #19338

Re: LDAP + Keystone,, Error after authentication..

  Thread PreviousDate PreviousThread Next 
On 12/11/2012 04:15 AM, yasith tharindu wrote:

Hi Team;
I was trying to configure ldap + keystone but it seems not working. I feel like authentication is successful but horizon return me python error. Im unable to trace as its does not give any detail. Following I have attached the error, ldap dump, keystone config. I would really appreciate if you can note me down any configuration error. 




My nova version is::   2012.2 (2012.2-LOCALBRANCH:LOCALREVISION)

If its wrong password it returns, "Invalid user name or password."

That sounds right
When type correct credentials but user not in the any of "Group" it return "You are not authorized for any projects." 

Yes
When type correct credentials and the user is a member of a group (eg: cn=demo,ou=Groups,dc=example,dc=com), It returns following error.
It looks like some poor error handling in Horizon, to start. The Key error means token.tenant['name'] is not defined in the object. Which probably means that it doesn't have a real token or something. I'm guessing that token.tenant is None at this point.
Does it work from the Keystone CLI? Isolate your problem, is it Keystone, or is it Horizon. 







################### The error ########################

KeyError at /auth/login/
'name'
Request Method:POST
Request URL:https://192.168.25.240/auth/login/
Django Version:1.4.1
Exception Type:KeyError
Exception Value:
'name'
Exception Location:/usr/lib/python2.7/dist-packages/openstack_auth/user.py in create_user_from_token, line 25 
Python Executable:/usr/bin/python
Python Version:2.7.3
Python Path:
['/usr/share/openstack-dashboard/openstack_dashboard/wsgi/../..',
 '/usr/share/openstack-dashboard/openstack_dashboard',
 '/usr/lib/python2.7',
 '/usr/lib/python2.7/plat-linux2',
 '/usr/lib/python2.7/lib-tk',
 '/usr/lib/python2.7/lib-old',
 '/usr/lib/python2.7/lib-dynload',
 '/usr/local/lib/python2.7/dist-packages',
 '/usr/lib/python2.7/dist-packages',
 '/usr/lib/pymodules/python2.7',
 '/usr/share/openstack-dashboard/']


Environment:


Request Method: POST
Request URL: https://192.168.25.240/auth/login/

Django Version: 1.4.1
Python Version: 2.7.3
Installed Applications:
('openstack_dashboard',
 'django.contrib.contenttypes',
 'django.contrib.auth',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django.contrib.humanize',
 'compressor',
 'horizon',
 'horizon.dashboards.nova',
 'horizon.dashboards.syspanel',
 'horizon.dashboards.settings',
 'openstack_auth')
Installed Middleware:
('django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'horizon.middleware.HorizonMiddleware',
 'django.middleware.doc.XViewMiddleware',
 'django.middleware.locale.LocaleMiddleware')


Traceback:
File "/usr/lib/python2.7/dist-packages/django/core/handlers/base.py" in get_response 111. response = callback(request, *callback_args, **callback_kwargs) File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_post_parameters_wrapper 
  69.             return view(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/utils/decorators.py" in _wrapped_view 
  91.                     response = view_func(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/views/decorators/cache.py" in _wrapped_view_func 
  89.         response = view_func(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/openstack_auth/views.py" in login
  50.                        extra_context=extra_context)
File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_post_parameters_wrapper 
  69.             return view(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/utils/decorators.py" in _wrapped_view 
  91.                     response = view_func(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/views/decorators/cache.py" in _wrapped_view_func 
  89.         response = view_func(request, *args, **kwargs)
File "/usr/lib/python2.7/dist-packages/django/contrib/auth/views.py" in login 
  36.         if form.is_valid():
File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in is_valid
  124.         return self.is_bound and not bool(self.errors)
File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in _get_errors 
  115.             self.full_clean()
File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in full_clean 
  271.         self._clean_form()
File "/usr/lib/python2.7/dist-packages/django/forms/forms.py" in _clean_form 
  299.             self.cleaned_data = self.clean()
File "/usr/lib/python2.7/dist-packages/django/views/decorators/debug.py" in sensitive_variables_wrapper 
  34.             return func(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/openstack_auth/forms.py" in clean
  57.  auth_url=region)
File "/usr/lib/python2.7/dist-packages/django/contrib/auth/__init__.py" in authenticate 
  45.             user = backend.authenticate(**credentials)
File "/usr/lib/python2.7/dist-packages/openstack_auth/backend.py" in authenticate 113. user = create_user_from_token(request, token, client.management_url) File "/usr/lib/python2.7/dist-packages/openstack_auth/user.py" in create_user_from_token 
  25.                 tenant_name=token.tenant['name'],

Exception Type: KeyError at /auth/login/
Exception Value: 'name'




########################My LDAP dump #####################
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example Inc
dc: example
structuralObjectClass: organization


dn: cn=admin,dc=example,dc=com
objectClass: simpleSecurityObject
objectClass: organizationalRole
cn: admin
description: LDAP administrator
userPassword:: e1NTSEF9cGgrencraEZDWlFDNmR2bmEyM2kyb2RVWXdsK0FlSWg=

dn: ou=Groups,dc=example,dc=com
ou: groups
objectClass: organizationalUnit



dn: ou=Users,dc=example,dc=com
ou: users
objectClass: organizationalUnit


dn: ou=Roles,dc=example,dc=com
ou: roles
objectClass: organizationalUnit
dn: cn=yasith,ou=Users,dc=example,dc=com
cn: yasith
displayName: yasith
givenName: yasith
mail: yasith@xxxxxxxxxxx <mailto:yasith@xxxxxxxxxxx>
objectClass: inetOrgPerson
objectClass: top
sn: yasith
uid: yasith
userPassword:: YWJjMTIz

dn: cn=demo,ou=Users,dc=example,dc=com
cn: demo
displayName: demo
givenName: demo
mail: demo@xxxxxxxxxxx <mailto:demo@xxxxxxxxxxx>
objectClass: inetOrgPerson
objectClass: top
sn: demo
uid: demo
userPassword:: YWJjMTIz

dn: cn=tharindu,ou=Users,dc=example,dc=com
cn: tharindu
displayName: tharindu
givenName: tharindu
mail: tharindu@xxxxxxxxxxx <mailto:tharindu@xxxxxxxxxxx>
objectClass: inetOrgPerson
objectClass: top
sn: tharindu
uid: tharindu
userPassword:: YWJjMTIz

dn: cn=demo,ou=Groups,dc=example,dc=com
cn: demo
member: cn=demo,ou=Users,dc=example,dc=com
member: cn=yasith,ou=Users,dc=example,dc=com
objectClass: groupOfNames


dn: cn=Member,ou=Roles,dc=example,dc=com
cn: member
description: Role associated with openstack users
objectClass: organizationalRole
roleOccupant: cn=demo,ou=Users,dc=example,dc=com





######### Keystone Config #######################################


[ldap]
url = ldap://10.100.0.10 <http://10.100.0.10>
tree_dn = dc=example,dc=com
user_tree_dn = ou=Users,dc=example,dc=com
role_tree_dn = ou=Roles,dc=example,dc=com
tenant_tree_dn = ou=Groups,dc=example,dc=com
user = cn=admin,dc=example,dc=com
password = admin123
suffix = cn=example,cn=com

[identity]
driver = keystone.identity.backends.ldap.Identity


[catalog]
driver = keystone.catalog.backends.sql.Catalog

[token]
driver = keystone.token.backends.sql.Token



_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to     : openstack@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~openstack
More help   : https://help.launchpad.net/ListHelp

References

  Thread PreviousDate PreviousThread Next