yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1480951] Re: List LDAP users returns 500 error code when one of the users' local_id only consists of numbers

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: aginwala <aginwala@xxxxxxxxxx>
Date: Mon, 23 Nov 2015 20:33:07 -0000
Reply-to: Bug 1480951 <1480951@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Incomplete => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1480951

Title:
  List LDAP users returns 500 error code when one of the users' local_id
  only consists of numbers

Status in OpenStack Identity (keystone):
  Invalid

Bug description:
  Listing LDAP users when one of the users' local_id only consists of numbers will return an Internal Server Error. 
  Here is the error log:
  {"error": {"message": "An unexpected error prevented the server from fulfilling your request: (DataError) invalid input syntax for type numeric: \"Administrator\"\n 'SELECT id_mapping.public_id AS id_mapping_public_id \\nFROM id_mapping \\nWHERE id_mapping.domain_id = %(domain_id_1)s AND id_mapping.local_id = %(local_id_1)s AND id_mapping.entity_type = %(entity_type_1)s' {'local_id_1': 123456, 'domain_id_1': u'1e5f790eabfc4b84a4a37734aa0602e4', 'entity_type_1': 'user'} (Disable debug mode to suppress these details.)", "code": 500, "title": "Internal Server Error"}}
  The Exception is thrown in _set_domain_id_and_mapping_for_single_ref() method
  I'm using postgres as the SQL backend

  Steps to reproduce:
  1. configure keystone to enable domain specific drivers and configure one of the domains to use LDAP backend.

  2. create an user under the configured user_tree_dn and set the user's
  corresponding user_id_attrbite to consists only of numbers, like
  123456, for example.

  3. list users of this domain using /v3/users?domain_id=$domain_id,
  keystone will return an Internal Server Error with the above error
  message.

  This error occurs when keystone is trying to add an id_mapping entry
  for this user, and it needs to check if it already exists before
  creating it.

  Also, changing an existing user's user_id_attrbite to pure numbers
  triggers this bug.

  The error says that keystone is trying to query an id_mapping record
  where the value of local_id column is a number, and in fact this field
  is VCHAR type.

  I think it may have something to do with data type conversions.

  And as a principle, one bad record should not affect the whole list to
  be unreadable, isn't it?

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1480951/+subscriptions