Bug #26063
open
When we use LDAP authentication backend, the error is confusing if the user doesn't exist in Rudder
Added by Nicolas CHARLES 10 days ago.
Updated 3 days ago.
Status:
Pending technical review
Severity:
Minor - inconvenience | misleading | easy workaround
Description
When using the LDAP authentication backend, we had the following error when trying to login
[LDAP: error code 32 - 0000208D: NameErr: DSID-03100245, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=WWW,DC=YYYYYY,DC=ZZZ'
the actual cause of the error was that the user was not declared in Rudder
The log should clearly say that the user is not there, or at least documentation should mention it
- Project changed from Rudder to Authentication backends
- Target version deleted (
8.1.11)
- Priority changed from N/A to To review
- Target version set to 8.1
- Assignee set to François ARMAND
- Priority changed from To review to 2
- Severity set to Minor - inconvenience | misleading | easy workaround
At least add an error message pointing to that, or add doc explaining the meaning of that result.
- Status changed from New to In progress
in Rudder 8.1.11-snapshot, with the user present in LDAP but not in rudder file, we get:
2024-12-19 17:21:08+0100 DEBUG application.authentication - Rudder authentication attempt for principal 'fanf' with backend 'rootAdmin': failure
2024-12-19 17:21:08+0100 DEBUG application.authentication - Rudder authentication attempt using bootstrap.liftweb.RudderAuthenticationProvider
2024-12-19 17:21:08+0100 INFO application.authentication - Rudder authentication attempt for principal 'fanf' with backend 'ldap': failure
2024-12-19 17:21:08+0100 DEBUG application.authentication - Rudder authentication attempt using bootstrap.liftweb.RudderAuthenticationProvider
2024-12-19 17:21:08+0100 INFO application.authentication - Rudder authentication attempt for principal 'fanf' with backend 'file': failure
2024-12-19 17:21:08+0100 WARN application - Login authentication failed for user 'fanf' from IP '127.0.0.1': Bad credentials
It looks like what we want it to be.
- Status changed from In progress to Pending technical review
- Assignee changed from François ARMAND to Nicolas CHARLES
- Pull Request set to https://github.com/Normation/rudder-plugins/pull/781
Also available in: Atom
PDF
Updated by 
Updated by