With ipsilon 2.1.0 installed using: ipsilon-server-install --ipa yes --info-sssd yes --form yes --saml2 yes --admin-user 'admin'
ipsilon-server-install --ipa yes --info-sssd yes --form yes --saml2 yes --admin-user 'admin'
When a user identifies themselves with their e-mail address instead of username (something that sssd is apparently designed to support), ipsilon crashes. We would like it to succeed in these circumstances.
from /var/log/messages:
Jul 25 21:12:36 ipsilon httpd[5000]: [ssl:info] [pid 5000] [client 192.168.200.6:52423] AH01964: Connection to child 6 established (server ipsilon.test.bluepenguinpayments.com:443) Jul 25 21:12:36 ipsilon httpd[5000]: [intercept_form_submit:info] [pid 5000] [client 192.168.200.6:52423] login found in POST: login_name=paul@bluepenguinpayments.com, referer: https://ipsilon.test.bluepenguinpayments.com/idp/login/gssapi/negotiate?ipsilon_transaction_id=9a6cf94d-91ae-473b-8743-8f8a9387ac27 Jul 25 21:12:36 ipsilon httpd[5000]: [intercept_form_submit:info] [pid 5000] [client 192.168.200.6:52423] password found in POST: login_password=[REDACTED], referer: https://ipsilon.test.bluepenguinpayments.com/idp/login/gssapi/negotiate?ipsilon_transaction_id=9a6cf94d-91ae-473b-8743-8f8a9387ac27 Jul 25 21:12:36 ipsilon httpd[5000]: [authnz_pam:info] [pid 5000] [client 192.168.200.6:52423] PAM authentication passed for user paul@bluepenguinpayments.com, referer: https://ipsilon.test.bluepenguinpayments.com/idp/login/gssapi/negotiate?ipsilon_transaction_id=9a6cf94d-91ae-473b-8743-8f8a9387ac27 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] [25/Jul/2018:21:12:36] LOGIN SUCCESSFUL: paul@bluepenguinpayments.com Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] [25/Jul/2018:21:12:36] HTTP Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] Request Headers: Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] REFERER: https://ipsilon.test.bluepenguinpayments.com/idp/login/gssapi/negotiate?ipsilon_transaction_id=9a6cf94d-91ae-473b-8743-8f8a9387ac27 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] ACCEPT-LANGUAGE: en-US,en;q=0.9 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] ORIGIN: https://ipsilon.test.bluepenguinpayments.com Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] Content-Length: 127 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] CONNECTION: keep-alive Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] COOKIE: ipsilon_default_username=admin; 841b9024-d956-47fb-8b25-93aff214d56b=login; 3c017b11-3c07-444d-928b-471cad5681ba=login; 54fd7135-a7be-4dc9-8f1d-d8823911e683=login; caa2b249-ed5f-43e3-ad94-1f771b7020b1=login; 86a958f9-8046-489b-9af7-a8f5c9a423e5=login; ebc9839c-bcef-49a3-885e-5e372a6245a0=login; idp_ipsilon_session_id=c467a17f9ad3577978051d20d109a9bdee8f044d; c1f2ea2d-c93c-4423-a092-0e4f201796e0=login; 7788c98f-4425-4504-8b15-c2fef83b430a=login; 78b446d6-2471-4a7f-985b-befae5094159=login; _ga=GA1.2.530901196.1530648415 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] Remote-Addr: 192.168.200.6 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] DNT: 1 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] HOST: ipsilon.test.bluepenguinpayments.com Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] UPGRADE-INSECURE-REQUESTS: 1 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] CACHE-CONTROL: max-age=0 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] USER-AGENT: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36 Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] Content-Type: application/x-www-form-urlencoded Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] ACCEPT-ENCODING: gzip, deflate, br Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] [25/Jul/2018:21:12:36] HTTP Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] Traceback (most recent call last): Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/cherrypy/_cprequest.py", line 670, in respond Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] response.body = self.handler() Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/cherrypy/lib/encoding.py", line 217, in __call__ Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] self.body = self.oldhandler(*args, **kwargs) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/cherrypy/_cpdispatch.py", line 60, in __call__ Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] return self.callable(*self.args, **self.kwargs) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/util/page.py", line 91, in __call__ Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] return op(*args, **kwargs).encode('utf-8') Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/login/common.py", line 270, in root Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] return op(*args, **kwargs) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/login/authform.py", line 29, in POST Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] return self.lm.auth_successful(self.trans, user.name, 'password') Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/login/common.py", line 155, in auth_successful Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] self.initialize_login_session(username, self.info, auth_type, userdata) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/login/common.py", line 102, in initialize_login_session Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] infoattrs = info.get_user_attrs(username) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/info/common.py", line 86, in get_user_attrs Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] result = p.get_user_attrs(user) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 108, in get_user_attrs Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] attrs, groups = self._get_user_data(user) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib/python2.7/site-packages/ipsilon/info/infosssd.py", line 89, in _get_user_data Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] dbus_interface='org.freedesktop.sssd.infopipe') Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib64/python2.7/site-packages/dbus/proxies.py", line 70, in __call__ Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] return self._proxy_method(*args, **keywords) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib64/python2.7/site-packages/dbus/proxies.py", line 145, in __call__ Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] **keywords) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] File "/usr/lib64/python2.7/site-packages/dbus/connection.py", line 651, in call_blocking Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] message, timeout) Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] DBusException: org.freedesktop.DBus.Error.Failed: Failed to read attribute Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] Jul 25 21:12:36 ipsilon journal: p [1090]: [:error] [pid 1090] 192.168.200.6 - paul@bluepenguinpayments.com [25/Jul/2018:21:12:36] "POST /idp/login/form HTTP/1.1" 500 1035 "https://ipsilon.test.bluepenguinpayments.com/idp/login/gssapi/negotiate?ipsilon_transaction_id=9a6cf94d-91ae-473b-8743-8f8a9387ac27" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" Jul 25 21:30:27 ipsilon systemd: Started Session 8 of user paul. Jul 25 21:30:27 ipsilon systemd-logind: New session 8 of user paul. Jul 25 21:30:27 ipsilon systemd: Starting Session 8 of user paul.
Log in to comment on this ticket.