-
Notifications
You must be signed in to change notification settings - Fork 924
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Kerberos auth possible problem with umlaut #332
Comments
I'm having trouble reproducing this error. Can you paste the output of the Also, what OS are you using? |
OK I did some research and I believe I've figured out the problem: Your locale is set to something that doesn't support Unicode characters. So when Gate One tries to create your user directory (e.g. I tried various methods of encoding/normalizing unicode characters like 'ü' but none of it worked when I forced my locale via So please change your system locale to something that will work such as 'de_DE.UTF-8' and let me know if the problem goes away (it should). If that doesn't fix it (make sure to restart Gate One after changing your system locale) then I have to do a deeper investigation. |
my locale should be correct, but i will check that when i'm back at work. |
Hi, that's my locale: LANG=de_DE.UTF-8 Error is still this one (for a name starting with an 'ö'): |
OK, then I'm at a loss as to what's causing your problem. I'll see if I can replicate your locale/username locally to try to reproduce this issue. In the mean time can you do me a favor and paste the output of this command?
On my system that gives:
|
I was just able to reproduce this! A fix will be committed soon. |
…would throw Unicode*Error exceptions. This should close issue #332 (#332). ssh_connect.py: Fixed a bug where you could get encoding-related exceptions if a user's UPN contained unicode characters. utils.py: Fixed a bug in `cmd_var_swap()` where you could get encoding-related exceptions if one of the swapped variables contained unicode characters. termio.py: Fixed a bug where you could get encoding-related exceptions if an environment variable contained unicode characters.
I just pushed a commit that should fix this. I actually had to fix a number of Unicode*Error exceptions that I somehow missed over the past few weeks (months?). Here's proof that it works:
I made a user named, "dennis_bühring" on my system just to test this 😄 Please pull the latest code and let me know if it is working, thanks! |
Sweet :) |
I think the GateOne part is ok now, but i'm still having problems authenticating users with umlauts. |
Well if you're getting errors in the Gate One logs post them. I may have missed something. |
My username in our active directory is dennis_bühring and it seems this is causing problems.
[W 131114 09:44:06 web:1635] 401 GET /auth?next=%2F (172.26.14.115) 0.91ms
[D 131114 09:44:06 authentication:457] KerberosAuthHandler user: dennis_bü[email protected]
[D 131114 09:44:06 authentication:147] user_login(dennis_bü[email protected])
[E 131114 09:44:06 web:1228] Uncaught exception GET /auth?next=%2F (172.26.14.115)
HTTPRequest(protocol='https', host='srv-gateone.bla.blub.de', method='GET', uri='/auth?next=%2F', version='HTTP/1.1', remote_ip='172.26.14.115', headers={'Connection': 'keep-alive', 'Accept-Language': 'de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4', 'Accept-Encoding': 'gzip,deflate,sdch', 'Authorization': 'Negotiate YIIIDAYGKwYBBQUCoIIIADCCB/ygMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCB8YEggfCYIIHvgYJKoZIhvcSAQICAQBuggetMIIHqaADAgEFoQMCAQ6iBwMFACAAAACjggYkYYIGIDCCBhygAwIBBaEUGxJaRU5UUkFMRS5FWFBFUlQuREWiMTAvoAMCAQKhKDAmGwRIVFRQGx5zcnYtZ2F0ZW9uZS56ZW50cmFsZS5leHBlcnQuZGWjggXKMIIFxqADAgEXoQMCAQKiggW4BIIFtNDkvsDeIJi9B2j/Gu36i+qfHLFLCwKLecjlZBUpkobJOUSteeFHSKVz53I2XBrEiWkZtf954gwul/thLIQ9A+9f8SF8vWqf4bzgGsPvO0bYzP7jBmUes9Hc+3id7VNY5VpWB54AhwZFG9W4DVB8kgff1mwKGerZQbA2VzZvo8/T2DTDpLFh23+xHah5zhXqaKTyTSrdxoS3PppKyclpk0phizeTJtgntI49GTRAbZtpyecZ3xHoOiZQF7zbmUvkfLvQepUJbc9Jx+C/ht04XZ5X1WYEgJukRfxMhttUJx+ibG4L61sO0Hz2leR5KEJO0bGRXBTXyxI+DYoLOhwGg1fJZweGnAUM7yiXWNTMLnTd/V8IDmSLrefsy5hnpSyitgCrJRzEwntWAfDIeMEVck58kCHz7N+kdiyyrooiDtWRL9V4YRVYKR8LiB6J2HAxFqBdCxJEtLSTwtKFkpqiGhOM6nLMu6TuhXouETr8sqvUioeOUhIdwzRGvMPHcWtuPjZQxr04MCLIvVwXOJsxbOrnnxmEyUagooBVS3eMM3L10wze1348XFTjgdpwyWnpJPJxcVrhlrb6JRk/eaSYxOw3u43NVGqW+tw0dF7ukm+dMTnrPccn3iuNh4fNtNvdQ23Sk58nzbh6jg0TGFukeRXC8Et1JaB8DQPH7ZUPUzJleHHqvqjKrd8jG+f68VFODoEUFGcEp+v1xhyEYBLDy/OSAAD3LB0vUcADTFhg2eCzJ77sOFUKFP+vnUlte4PuRXnOhn7d1sq5oUA4B1fJ/GfRtaGwBX789IMhKk5vTI3FtHokHJt3uL642Lt2DDaqFQu/tx+2BRoBqIbNvPgIDly9NHGfQL8lqQFFF9efmW71xdkd3jzsZM/zVHfrCr6Pcx2gHoB8jhy4bSM1I2RY+wdKa7Aj7ozIF29yolIijOodpWrQdJsrI4cX6fecmu5kUyxOKe3FmbOSTxp3u6FzB2+ma+AZcP/XInTOvBBzrznsMWAY3iabURpQr8+s3BpR4hI8k7Ih6ESb5a6XQN/VNsOLwl1qbF/ekRNAdcYCIrmhnvjNbd2lVZKAt4HVQ6byuU6bLSR/a71zJbgZjlmXDuOXtWwmrCFVbhHwuJDXFa7mPHdnLp237Ul2vh7PZhuRJUhdQXe0qdaYxy+vLrdjpT13lBUMTvVpRhJzrseCSAQG18FzV2DnIiOC1WAhwSbrWWGt8BBGcVUvpqYZS4Tj+fEolFhn3GIQJcwbNtKEgx45I0jasRDJ3w+b/W7/IzXaY3+0ixrygSmFfPmb22x+QGZBwqDWZy9VugSmFqRPfl1lz4nM1LBgsqsKHuTdI/PR+vbFbaqfGZD8fwz9TjhTzdo+PjB82Q+QG+FaxTsY7Bq6+Yfry+ZZnSrTlhXp9YjMvl1KHfamXkzYfkizMgk5C5kMZYy/d9tVIN08RUTKY5HopWoeoI/+iVBkNuGe8T1N/CkLFgp0IWSw+n9Dbb+5IEll8DqpK63hfy3PQXvBqTi2aEZDwl/lhoDgqzZlFPfWdUJQvNoVE6FQTeGk106Can9k80sAGCc3UcAsi3N6xycIpCww8vQ30OLAh1EmuleBPCPbUIUftXoRRak6AiWRFoFpxhqEtr84KmXQPpDsFhrhfbVmxYVFLkJ820CwSCuY2NqbmrkfXjjkGziObg8kccQc/dypSKxH6Xu49T5fWiphoEzcBp6i+GoSa8y+QtrV+I26uWCjIsul5Z/cpvgMApe/qmDxp3zxfyeOrdii06IeTs1g7Tz63dgBsvPkDfNLS4bFn8AMUt4XRgi46xHjlqQQs2p52jJdjCA52OQtPDPA9fUEiopIktTENIN1Caeitb+jt7uiGA11uQEuMjsraCL+RyssHjVuLBfbMAY3c2XZoTQpo3QaEX6csCGz0tRRLx9azR5AWyI5k6/HdWwqnqj1btxspIIBajCCAWagAwIBF6KCAV0EggFZ4aVYER2ootpMxl9gbvdpsNRHFhDycDJIU/nTd35RfhpR6zpA2K+o9Atlj1HEPmZAdEjIRoGA1AKyr7vgOZ0dcGXWhnYGhCH5Y2BY5T5DyVHyTJ0s31XSYJoSmK86BHL6B/NhmguY0Z9m3R8Qw6IYAp41XvpFPFS+VQ1drX8Zo6yRFgk+5x1mpQEnUnBNwORSg5Hs+cqM6U7eegSqXZBIm4S/1aQWSF9VS+bmXD2pNdw2k+60zltDp3J5sYzscOCR4WwKezfOuv72LNX4H8mArt0CR+WQVPQVgZhr5qmg4IA1Cy1pKd3LbUs0L5l1HUz47cXcc9ml8ddwHSb5cIjI6aWqhvMPjn3uUnNaG8r5rI7nrYwfwEhx4YLh7HMw6XPyZhkFRX8sdQjiqVGS4Sr1VQbIF6rAKG5h2LntjWQKcTLGYUQi7h181lQXU3X0T1fQPlr3SckqDC0f', 'Host': 'srv-gateone.bla.blub.de', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8', 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36'})
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1115, in _stack_context_handle_exception
raise_exc_info((type, value, traceback))
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1298, in wrapper
result = method(self, _args, *_kwargs)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/authentication.py", line 450, in get
self.get_authenticated_user(self._on_auth)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/sso.py", line 151, in get_authenticated_user
self.auth_negotiate(auth_header, callback)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/sso.py", line 181, in auth_negotiate
callback(user)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/authentication.py", line 460, in _on_auth
self.user_login(user)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/authentication.py", line 150, in user_login
user_dir = os.path.join(self.settings['user_dir'], user['upn'])
File "/usr/lib/python2.7/posixpath.py", line 80, in join
path += '/' + b
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 9: ordinal not in range(128)
[E 131114 09:44:06 web:1635] 500 GET /auth?next=%2F (172.26.14.115) 24.53ms
[W 131114 09:44:06 web:1635] 404 GET /favicon.ico (172.26.14.115) 17.35ms
The text was updated successfully, but these errors were encountered: