← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1358243] Re: LDAP Critical extension is unavailable 500 error

 

** Also affects: keystone/icehouse
   Importance: Undecided
       Status: New

** Tags added: icehouse-backport-potential

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1358243

Title:
  LDAP Critical extension is unavailable 500 error

Status in OpenStack Identity (Keystone):
  New
Status in Keystone icehouse series:
  New

Bug description:
  Keystone raises a 500 error when trying to use paging on an LDAP
  server that doesn't support it (by setting [ldap] page_size to a non-
  zero integer)

  # keystone user-list
  An unexpected error prevented the server from fulfilling your request. {'desc': 'Critical extension is unavailable'} (HTTP 500)

  And this is the keystone.log traceback:

  2014-08-18 10:48:09.684 21606 ERROR keystone.common.wsgi [-] {'desc': 'Critical extension is unavailable'}
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi Traceback (most recent call last):
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/wsgi.py", line 207, in __call__
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     result = method(context, **params)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/identity/controllers.py", line 112, in get_users
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     user_list = self.identity_api.list_users()
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/manager.py", line 47, in wrapper
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     return f(self, *args, **kwargs)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/identity/core.py", line 189, in wrapper
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     return f(self, *args, **kwargs)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/identity/core.py", line 328, in list_users
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     ref_list = driver.list_users(hints or driver_hints.Hints())
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/identity/backends/hybrid.py", line 112, in list_users
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     ldap_users = self.user.get_all_filtered()
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/identity/backends/ldap.py", line 245, in get_all_filtered
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     return [identity.filter_user(user) for user in self.get_all()]
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 1009, in get_all
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     return super(EnabledEmuMixIn, self).get_all(ldap_filter)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 628, in get_all
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     for x in self._ldap_get_all(ldap_filter)]
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 603, in _ldap_get_all
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     attrs)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 809, in search_s
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     ldap_result = self.paged_search_s(dn, scope, query, attrlist)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/keystone/common/ldap/core.py", line 845, in paged_search_s
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     rtype, rdata, rmsgid, serverctrls = self.conn.result3(msgid)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 432, in result3
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi   File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi     result = func(*args,**kwargs)
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi UNAVAILABLE_CRITICAL_EXTENSION: {'desc': 'Critical extension is unavailable'}
  2014-08-18 10:48:09.684 21606 TRACE keystone.common.wsgi

  
  IMHO, there should be a better error message and no 500 error should be raised.

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1358243/+subscriptions


References