Kerberos auth possible problem with umlaut #332
Comments
|
I'm having trouble reproducing this error. Can you paste the output of the Also, what OS are you using? |
|
OK I did some research and I believe I've figured out the problem: Your locale is set to something that doesn't support Unicode characters. So when Gate One tries to create your user directory (e.g. I tried various methods of encoding/normalizing unicode characters like 'ü' but none of it worked when I forced my locale via So please change your system locale to something that will work such as 'de_DE.UTF-8' and let me know if the problem goes away (it should). If that doesn't fix it (make sure to restart Gate One after changing your system locale) then I have to do a deeper investigation. |
|
my locale should be correct, but i will check that when i'm back at work. |
|
Hi, that's my locale: LANG=de_DE.UTF-8 Error is still this one (for a name starting with an 'ö'): |
|
OK, then I'm at a loss as to what's causing your problem. I'll see if I can replicate your locale/username locally to try to reproduce this issue. In the mean time can you do me a favor and paste the output of this command? On my system that gives: |
|
I was just able to reproduce this! A fix will be committed soon. |
…would throw Unicode*Error exceptions. This should close issue #332 (#332). ssh_connect.py: Fixed a bug where you could get encoding-related exceptions if a user's UPN contained unicode characters. utils.py: Fixed a bug in `cmd_var_swap()` where you could get encoding-related exceptions if one of the swapped variables contained unicode characters. termio.py: Fixed a bug where you could get encoding-related exceptions if an environment variable contained unicode characters.
|
I just pushed a commit that should fix this. I actually had to fix a number of Unicode*Error exceptions that I somehow missed over the past few weeks (months?). Here's proof that it works: I made a user named, "dennis_bühring" on my system just to test this 😄 Please pull the latest code and let me know if it is working, thanks! |
|
Sweet :) |
|
I think the GateOne part is ok now, but i'm still having problems authenticating users with umlauts. |
|
Well if you're getting errors in the Gate One logs post them. I may have missed something. |
My username in our active directory is dennis_bühring and it seems this is causing problems.
[W 131114 09:44:06 web:1635] 401 GET /auth?next=%2F (172.26.14.115) 0.91ms
[D 131114 09:44:06 authentication:457] KerberosAuthHandler user: dennis_bü[email protected]
[D 131114 09:44:06 authentication:147] user_login(dennis_bü[email protected])
[E 131114 09:44:06 web:1228] Uncaught exception GET /auth?next=%2F (172.26.14.115)
HTTPRequest(protocol='https', host='srv-gateone.bla.blub.de', method='GET', uri='/auth?next=%2F', version='HTTP/1.1', remote_ip='172.26.14.115', headers={'Connection': 'keep-alive', 'Accept-Language': 'de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4', 'Accept-Encoding': 'gzip,deflate,sdch', 'Authorization': 'Negotiate YIIIDAYGKwYBBQUCoIIIADCCB/ygMDAuBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKwYBBAGCNwICHgYKKwYBBAGCNwICCqKCB8YEggfCYIIHvgYJKoZIhvcSAQICAQBuggetMIIHqaADAgEFoQMCAQ6iBwMFACAAAACjggYkYYIGIDCCBhygAwIBBaEUGxJaRU5UUkFMRS5FWFBFUlQuREWiMTAvoAMCAQKhKDAmGwRIVFRQGx5zcnYtZ2F0ZW9uZS56ZW50cmFsZS5leHBlcnQuZGWjggXKMIIFxqADAgEXoQMCAQKiggW4BIIFtNDkvsDeIJi9B2j/Gu36i+qfHLFLCwKLecjlZBUpkobJOUSteeFHSKVz53I2XBrEiWkZtf954gwul/thLIQ9A+9f8SF8vWqf4bzgGsPvO0bYzP7jBmUes9Hc+3id7VNY5VpWB54AhwZFG9W4DVB8kgff1mwKGerZQbA2VzZvo8/T2DTDpLFh23+xHah5zhXqaKTyTSrdxoS3PppKyclpk0phizeTJtgntI49GTRAbZtpyecZ3xHoOiZQF7zbmUvkfLvQepUJbc9Jx+C/ht04XZ5X1WYEgJukRfxMhttUJx+ibG4L61sO0Hz2leR5KEJO0bGRXBTXyxI+DYoLOhwGg1fJZweGnAUM7yiXWNTMLnTd/V8IDmSLrefsy5hnpSyitgCrJRzEwntWAfDIeMEVck58kCHz7N+kdiyyrooiDtWRL9V4YRVYKR8LiB6J2HAxFqBdCxJEtLSTwtKFkpqiGhOM6nLMu6TuhXouETr8sqvUioeOUhIdwzRGvMPHcWtuPjZQxr04MCLIvVwXOJsxbOrnnxmEyUagooBVS3eMM3L10wze1348XFTjgdpwyWnpJPJxcVrhlrb6JRk/eaSYxOw3u43NVGqW+tw0dF7ukm+dMTnrPccn3iuNh4fNtNvdQ23Sk58nzbh6jg0TGFukeRXC8Et1JaB8DQPH7ZUPUzJleHHqvqjKrd8jG+f68VFODoEUFGcEp+v1xhyEYBLDy/OSAAD3LB0vUcADTFhg2eCzJ77sOFUKFP+vnUlte4PuRXnOhn7d1sq5oUA4B1fJ/GfRtaGwBX789IMhKk5vTI3FtHokHJt3uL642Lt2DDaqFQu/tx+2BRoBqIbNvPgIDly9NHGfQL8lqQFFF9efmW71xdkd3jzsZM/zVHfrCr6Pcx2gHoB8jhy4bSM1I2RY+wdKa7Aj7ozIF29yolIijOodpWrQdJsrI4cX6fecmu5kUyxOKe3FmbOSTxp3u6FzB2+ma+AZcP/XInTOvBBzrznsMWAY3iabURpQr8+s3BpR4hI8k7Ih6ESb5a6XQN/VNsOLwl1qbF/ekRNAdcYCIrmhnvjNbd2lVZKAt4HVQ6byuU6bLSR/a71zJbgZjlmXDuOXtWwmrCFVbhHwuJDXFa7mPHdnLp237Ul2vh7PZhuRJUhdQXe0qdaYxy+vLrdjpT13lBUMTvVpRhJzrseCSAQG18FzV2DnIiOC1WAhwSbrWWGt8BBGcVUvpqYZS4Tj+fEolFhn3GIQJcwbNtKEgx45I0jasRDJ3w+b/W7/IzXaY3+0ixrygSmFfPmb22x+QGZBwqDWZy9VugSmFqRPfl1lz4nM1LBgsqsKHuTdI/PR+vbFbaqfGZD8fwz9TjhTzdo+PjB82Q+QG+FaxTsY7Bq6+Yfry+ZZnSrTlhXp9YjMvl1KHfamXkzYfkizMgk5C5kMZYy/d9tVIN08RUTKY5HopWoeoI/+iVBkNuGe8T1N/CkLFgp0IWSw+n9Dbb+5IEll8DqpK63hfy3PQXvBqTi2aEZDwl/lhoDgqzZlFPfWdUJQvNoVE6FQTeGk106Can9k80sAGCc3UcAsi3N6xycIpCww8vQ30OLAh1EmuleBPCPbUIUftXoRRak6AiWRFoFpxhqEtr84KmXQPpDsFhrhfbVmxYVFLkJ820CwSCuY2NqbmrkfXjjkGziObg8kccQc/dypSKxH6Xu49T5fWiphoEzcBp6i+GoSa8y+QtrV+I26uWCjIsul5Z/cpvgMApe/qmDxp3zxfyeOrdii06IeTs1g7Tz63dgBsvPkDfNLS4bFn8AMUt4XRgi46xHjlqQQs2p52jJdjCA52OQtPDPA9fUEiopIktTENIN1Caeitb+jt7uiGA11uQEuMjsraCL+RyssHjVuLBfbMAY3c2XZoTQpo3QaEX6csCGz0tRRLx9azR5AWyI5k6/HdWwqnqj1btxspIIBajCCAWagAwIBF6KCAV0EggFZ4aVYER2ootpMxl9gbvdpsNRHFhDycDJIU/nTd35RfhpR6zpA2K+o9Atlj1HEPmZAdEjIRoGA1AKyr7vgOZ0dcGXWhnYGhCH5Y2BY5T5DyVHyTJ0s31XSYJoSmK86BHL6B/NhmguY0Z9m3R8Qw6IYAp41XvpFPFS+VQ1drX8Zo6yRFgk+5x1mpQEnUnBNwORSg5Hs+cqM6U7eegSqXZBIm4S/1aQWSF9VS+bmXD2pNdw2k+60zltDp3J5sYzscOCR4WwKezfOuv72LNX4H8mArt0CR+WQVPQVgZhr5qmg4IA1Cy1pKd3LbUs0L5l1HUz47cXcc9ml8ddwHSb5cIjI6aWqhvMPjn3uUnNaG8r5rI7nrYwfwEhx4YLh7HMw6XPyZhkFRX8sdQjiqVGS4Sr1VQbIF6rAKG5h2LntjWQKcTLGYUQi7h181lQXU3X0T1fQPlr3SckqDC0f', 'Host': 'srv-gateone.bla.blub.de', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8', 'User-Agent': 'Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.48 Safari/537.36'})
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1115, in _stack_context_handle_exception
raise_exc_info((type, value, traceback))
File "/usr/local/lib/python2.7/dist-packages/tornado/web.py", line 1298, in wrapper
result = method(self, _args, *_kwargs)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/authentication.py", line 450, in get
self.get_authenticated_user(self._on_auth)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/sso.py", line 151, in get_authenticated_user
self.auth_negotiate(auth_header, callback)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/sso.py", line 181, in auth_negotiate
callback(user)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/authentication.py", line 460, in _on_auth
self.user_login(user)
File "/usr/local/lib/python2.7/dist-packages/gateone-1.2.0-py2.7.egg/gateone/auth/authentication.py", line 150, in user_login
user_dir = os.path.join(self.settings['user_dir'], user['upn'])
File "/usr/lib/python2.7/posixpath.py", line 80, in join
path += '/' + b
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 9: ordinal not in range(128)
[E 131114 09:44:06 web:1635] 500 GET /auth?next=%2F (172.26.14.115) 24.53ms
[W 131114 09:44:06 web:1635] 404 GET /favicon.ico (172.26.14.115) 17.35ms
The text was updated successfully, but these errors were encountered: