yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #20313
[Bug 1358243] Re: LDAP Critical extension is unavailable 500 error
** Also affects: keystone/icehouse
Importance: Undecided
Status: New
** Tags added: icehouse-backport-potential
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1358243
Title:
LDAP Critical extension is unavailable 500 error
Status in OpenStack Identity (Keystone):
New
Status in Keystone icehouse series:
New
Bug description:
Keystone raises a 500 error when trying to use paging on an LDAP
server that doesn't support it (by setting [ldap] page_size to a non-
zero integer)
# keystone user-list
An unexpected error prevented the server from fulfilling your request. {'desc': 'Critical extension is unavailable'} (HTTP 500)
And this is the keystone.log traceback:
2014-08-18 10:48:09.684 21606 ERROR keystone.common.wsgi [-] {'desc': 'Critical extension is unavailable'}
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi Traceback (most recent call last):
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/wsgi.py", line 207, in __call__
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi result = method(context, **params)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/identity/controllers.py", line 112, in get_users
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi user_list = self.identity_api.list_users()
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/manager.py", line 47, in wrapper
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi return f(self, *args, **kwargs)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/identity/core.py", line 189, in wrapper
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi return f(self, *args, **kwargs)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/identity/core.py", line 328, in list_users
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi ref_list = driver.list_users(hints or driver_hints.Hints())
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/identity/backends/hybrid.py", line 112, in list_users
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi ldap_users = self.user.get_all_filtered()
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/identity/backends/ldap.py", line 245, in get_all_filtered
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi return [identity.filter_user(user) for user in self.get_all()]
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 1009, in get_all
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi return super(EnabledEmuMixIn, self).get_all(ldap_filter)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 628, in get_all
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi for x in self._ldap_get_all(ldap_filter)]
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 603, in _ldap_get_all
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi attrs)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 809, in search_s
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi ldap_result = self.paged_search_s(dn, scope, query, attrlist)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 845, in paged_search_s
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi rtype, rdata, rmsgid, serverctrls = self.conn.result3(msgid)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 432, in result3
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi result = func(*args,**kwargs)
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi UNAVAILABLE_CRITICAL_EXTENSION: {'desc': 'Critical extension is unavailable'}
2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi
IMHO, there should be a better error message and no 500 error should be raised.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1358243/+subscriptions
References