yahoo-eng-team team mailing list archive

[OpenStack Infra <1545960@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://review.openstack.org/280542
Committed: https://git.openstack.org/cgit/openstack/keystone/commit/?id=90c95049a3e0a9ceadbd45b1aa5a7de50a8ea1d0
Submitter: Jenkins
Branch:    master

commit 90c95049a3e0a9ceadbd45b1aa5a7de50a8ea1d0
Author: Steve Martinelli <stevemar@xxxxxxxxxx>
Date:   Tue Feb 16 03:12:08 2016 -0500

    encode user id for notifications
    
    local user ids that are returned from the mapping_id backend are
    in unicode. this causes an issue when attempting to transform
    the value into uuid5.
    
    Change-Id: I87745944a3eb606fdd435ae983e5de602d08bd0d
    closes-bug: 1545960


** Changed in: keystone
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1545960

Title:
  authenticating with ldap user fails due to notification

Status in OpenStack Identity (keystone):
  Fix Released

Bug description:
  I setup a non-default domain with an LDAP backend, with emails as
  usernames. This caused ldap user authentication to fail:

  2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: url=ldap://bluepages.ibm.com 2016-02-16 02:49:48.311 _common_ldap_initialization /opt/stack/keystone/keystone/common/ldap/core.py:579
  2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP init: use_tls=False tls_cacertfile=None tls_cacertdir=None tls_req_cert=2 tls_avail=1 2016-02-16 02:49:48.311 _common_ldap_initialization /opt/stack/keystone/keystone/common/ldap/core.py:583
  2016-02-16 02:49:48.311 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP search: base=ou=bluepages,o=ibm.com scope=2 filterstr=(&(mail=stevemar@xxxxxxxxxx)(objectClass=ibmPerson)(uid=*)) attrs=['mail', 'userPassword', 'enabled', 'uid'] attrsonly=0 2016-02-16 02:49:48.311 search_s /opt/stack/keystone/keystone/common/ldap/core.py:938
  2016-02-16 02:49:48.418 18101 DEBUG keystone.common.ldap.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] LDAP unbind 2016-02-16 02:49:48.418 unbind_s /opt/stack/keystone/keystone/common/ldap/core.py:911
  2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] ID Mapping - Domain ID: f661d8c0c14848f5909cf5229a473377, Default Driver: False, Domains: False, UUIDs: False, Compatible IDs: True 2016-02-16 02:49:48.420 _set_domain_id_and_mapping /opt/stack/keystone/keystone/identity/core.py:577
  2016-02-16 02:49:48.420 18101 DEBUG keystone.identity.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Local ID: 011918649 2016-02-16 02:49:48.420 _set_domain_id_and_mapping_for_single_ref /opt/stack/keystone/keystone/identity/core.py:595
  2016-02-16 02:49:48.425 18101 DEBUG keystone.identity.core [req-d086b3ca-bddc-4927-b4d5-205913f4187e - - - - -] Found existing mapping to public ID: 2165702f085e15ff59308d8723df016d75fdd07e9af527a881b87812278e5068 2016-02-16 02:49:48.425 _set_domain_id_and_mapping_for_single_ref /opt/stack/keystone/keystone/identity/core.py:608

  2016-02-16 02:32:22.650 17136 ERROR keystone.common.wsgi [req-0fb5bb7b-2ba1-4ced-a814-71bd53939d46 - - - - -] 'ascii' codec can't decode byte 0xec in position 2: ordinal not in range(128)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi Traceback (most recent call last):
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/common/wsgi.py", line 247, in __call__
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     result = method(context, **params)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/auth/controllers.py", line 396, in authenticate_for_token
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     self.authenticate(context, auth_info, auth_context)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/auth/controllers.py", line 520, in authenticate
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     auth_context)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/auth/plugins/password.py", line 36, in authenticate
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     password=user_info.password)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/common/manager.py", line 124, in wrapped
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     __ret_val = __f(*args, **kwargs)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/notifications.py", line 555, in wrapper
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     initiator = _get_request_audit_info(context, user_id)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/notifications.py", line 521, in _get_request_audit_info
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     initiator.id = utils.resource_uuid(user_id)
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/opt/stack/keystone/keystone/common/utils.py", line 60, in resource_uuid
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     return uuid.uuid5(RESOURCE_ID_NAMESPACE, value).hex
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi   File "/usr/lib/python2.7/uuid.py", line 567, in uuid5
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi     hash = sha1(namespace.bytes + name).digest()
  2016-02-16 02:32:22.650 17136 TRACE keystone.common.wsgi UnicodeDecodeError: 'ascii' codec can't decode byte 0xec in position 2: ordinal not in range(128)

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1545960/+subscriptions