InvalidRequestError when connecting with LDAP

Issue #348 resolved
Samuel Delisle created an issue

After upgrading from 0.3.3 to 0.4.1, I get an InvalidRequestError when trying to login. The error output is this:

InvalidRequestError: This Session's transaction has been rolled back due to a previous
exception during flush. To begin a new transaction with this Session, first issue
Session.roll). Original exception was: (raised as a result of Query-invoked autoflush;
consider using a session.no_autoflush block if this flush is occurring prematurely)
(sqlite3.ProgrammingError) You must not use 8-bit bytestrings unless you use a text_factory
that can interpret 8-bit bytestrings (like text_factory = str). It is highly recommended
that you instead just switc your application to Unicode strings.
[SQL: u'UPDATE users SET password=?, extern_name=? WHERE users.user_id = ?']
[parameters: ('*************', 'CN=*******,OU=D\xc3\xa9veloppement,OU=*********,
DC=*****,DC=*****', 3)] (Background on this error at: http://sqlalche.me/e/f405)

The error seems to be caused by the non-ascii character in the first OU, which should be “Développement”. Login works fine with another user that is not part of that particular group.

I guess a workaround would be to have IT change the name of that group (and possibly several others), but they probably won’t like me…

Some other information:

  • Ubuntu 16.04.6 LTS
  • Installed Kallithea with a virtualenv
  • pip freeze:

alembic==1.0.11
amqp==1.4.9
anyjson==0.3.3
Babel==2.6.0
backlash==0.1.4
bcrypt==3.1.7
Beaker==1.11.0
billiard==3.3.0.23
bleach==3.0.2
celery==3.1.26.post2
certifi==2019.9.11
cffi==1.13.1
Click==7.0
crank==0.8.1
decorator==4.3.2
docutils==0.14
dulwich==0.19.13
FormEncode==1.3.1
funcsigs==1.0.2
gearbox==0.2.0
hupper==1.9
Kallithea==0.4.1
kombu==3.0.37
Mako==1.0.14
Markdown==2.6.11
MarkupSafe==1.1.1
mercurial==4.9.1
Paste==3.0.8
PasteDeploy==2.0.1
psycopg2==2.8.4
pyasn1==0.4.7
pyasn1-modules==0.2.7
pycparser==2.19
Pygments==2.2.0
python-dateutil==2.7.5
python-editor==1.0.4
python-ldap==3.2.0
pytz==2019.3
rabbitmq==0.2.0
repoze.lru==0.7
Routes==1.13
six==1.12.0
SQLAlchemy==1.2.19
Tempita==0.5.2
tgext.routes==0.2.0
TurboGears2==2.3.12
urllib3==1.25.6
URLObject==2.4.3
waitress==1.1.0
webencodings==0.5.1
WebHelpers==1.3
WebOb==1.7.4
Whoosh==2.7.4

  • This whole traceback is also printed just before the error message posted above:

Traceback (most recent call last):
  File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/wsgiapp.py", line 120, in __call__
    response = self.wrapped_dispatch(controller, environ, context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/errorpage.py", line 90, in __call__
    resp = self.next_handler(controller, environ, context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/caching.py", line 54, in __call__
    return self.next_handler(controller, environ, context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/session.py", line 71, in __call__
    response = self.next_handler(controller, environ, context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/appwrappers/i18n.py", line 71, in __call__
    return self.next_handler(controller, environ, context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/tg/wsgiapp.py", line 285, in _dispatch
    return controller(environ, context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/base.py", line 527, in __call__
    session.get('authuser'),
  File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/base.py", line 458, in _determine_auth_user
    for plugin in auth_modules.get_auth_plugins()
  File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/auth_modules/__init__.py", line 321, in get_auth_plugins
    for plugin_name in Setting.get_by_name("auth_plugins").app_settings_value:
  File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/model/db.py", line 249, in get_by_name
    .filter(cls.app_settings_name == key).scalar()
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3069, in scalar
    ret = self.one()
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3039, in one
    ret = self.one_or_none()
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3008, in one_or_none
    ret = list(self)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/kallithea/lib/caching_query.py", line 81, in __iter__
    return Query.__iter__(self)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3081, in __iter__
    return self._execute_and_instances(context)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3103, in _execute_and_instances
    querycontext, self._connection_from_session, close_with_result=True
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3111, in _get_bind_args
    mapper=self._bind_mapper(), clause=querycontext.statement, **kw
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/query.py", line 3096, in _connection_from_session
    conn = self.session.connection(**kw)
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 1120, in connection
    execution_options=execution_options,
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 1126, in _connection_for_bind
    engine, execution_options
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 401, in _connection_for_bind
    self._assert_active()
  File "/opt/kallithea/venv/lib/python2.7/site-packages/sqlalchemy/orm/session.py", line 288, in _assert_active
    % self._rollback_exception

Comments (4)

  1. Log in to comment