-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LDAP3 - anonymous : ldap3.core.exceptions.LDAPInvalidFilterError: malformed filter #606
Comments
@cannatag : please advise if you have any resolution/idea. |
Try to enclose the user_filter in parentheses, the filter should be (objectClass=*).
… Il giorno 29 ott 2018, alle ore 12:53, alnhk ***@***.***> ha scritto:
@cannatag : please advise if you have any resolution/idea.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
@cannatag : yes, we tried using (objectClass=*) for user_filter, same issue persists below log : [2018-10-30 04:01:04,520] ERROR in app: Exception on /admin/airflow/login [POST] |
Hi, do you still have this problem? You could try to enable ldap3 logging at DEBUG level to see what the malformed filter is. |
I'm closing this issue. Please reopen if you still have this problem. |
Hello.,
airflow 1.8.0-1.6.1 with LDAP integration also use ldap3 python module. However, we are integrating with openldap/DS389 anonymously. And provided only this below as shown :
uri = ldap://nsp-daf178e8.ad1.prd.us-phx.odc.im:389
user_filter = objectClass=*
user_name_attr = uid
group_member_attr =memberOf=cn=rvs-login-prd_usphx,ou=groups,dc=odc,dc=im
superuser_filter =memberOf=cn=rvs-sudo_all-prd_usphx,ou=groups,dc=odc,dc=im
data_profiler_filter =
bind_user =
bind_password =
basedn = ou=people,dc=odc,dc=im
cacert = /opt/orchestration/airflow/ldap_ca.crt
search_scope = SUBTREE
ssl_ldap=False
use_ssl=False
And when verifying thru Airflow web server which also use ldap3 module, and failed with below exception - "malformed filter", please advise the resolution to above variables/values as well as anonymous LDAP integration. Requirement is, allow Apache AIRFLOW to integrate with LDAP anonymously (using LDAP3 modules) , use groups and superuser group only. Apache Airflow use LDAP3 for LDAP integration.
### [2018-10-29 10:14:14,938] [71] {ldap_auth.py:269} INFO - User user0123 successfully authenticated
[2018-10-29 10:14:15,258] ERROR in app: Exception on /admin/airflow/login [POST]
Traceback (most recent call last):
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1988, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1641, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1544, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
raise value
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1639, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1625, in dispatch_request
return self.view_functionsrule.endpoint
File "/usr/local/lib/python3.5/site-packages/flask_admin/base.py", line 69, in inner
return self._run_view(f, *args, **kwargs)
File "/usr/local/lib/python3.5/site-packages/flask_admin/base.py", line 368, in _run_view
return fn(self, *args, **kwargs)
File "/usr/local/lib/python3.5/site-packages/airflow/www/views.py", line 650, in login
return airflow.login.login(self, request)
File "/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 282, in login
flask_login.login_user(LdapUser(user))
File "", line 4, in init
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/orm/state.py", line 414, in _initialize_instance
manager.dispatch.init_failure(self, args, kwargs)
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/util/langhelpers.py", line 66, in exit
compat.reraise(exc_type, exc_value, exc_tb)
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/util/compat.py", line 187, in reraise
raise value
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/orm/state.py", line 411, in _initialize_instance
return manager.original_init(*mixed[1:], **kwargs)
File "/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 140, in init
[2018-10-29 10:14:15,258] [71] {app.py:1587} ERROR - Exception on /admin/airflow/login [POST]
Traceback (most recent call last):
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1988, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1641, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1544, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python3.5/site-packages/flask/_compat.py", line 33, in reraise
raise value
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1639, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.5/site-packages/flask/app.py", line 1625, in dispatch_request
return self.view_functionsrule.endpoint
File "/usr/local/lib/python3.5/site-packages/flask_admin/base.py", line 69, in inner
return self._run_view(f, *args, **kwargs)
File "/usr/local/lib/python3.5/site-packages/flask_admin/base.py", line 368, in _run_view
return fn(self, *args, **kwargs)
File "/usr/local/lib/python3.5/site-packages/airflow/www/views.py", line 650, in login
return airflow.login.login(self, request)
File "/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 282, in login
flask_login.login_user(LdapUser(user))
File "", line 4, in init
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/orm/state.py", line 414, in _initialize_instance
manager.dispatch.init_failure(self, args, kwargs)
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/util/langhelpers.py", line 66, in exit
compat.reraise(exc_type, exc_value, exc_tb)
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/util/compat.py", line 187, in reraise
raise value
File "/usr/local/lib/python3.5/site-packages/sqlalchemy/orm/state.py", line 411, in _initialize_instance
return manager.original_init(*mixed[1:], **kwargs)
File "/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 140, in init
user.username)
File "/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 76, in group_contains_user
attributes=[native(user_name_attr)]):
File "/usr/local/lib/python3.5/site-packages/ldap3/core/connection.py", line 779, in search
check_names=self.check_names)
File "/usr/local/lib/python3.5/site-packages/ldap3/operation/search.py", line 372, in search_operation
request['filter'] = compile_filter(parse_filter(search_filter, schema, auto_escape, auto_encode, validator, check_names).elements[0]) # parse the searchFilter string and compile it starting from the root node
File "/usr/local/lib/python3.5/site-packages/ldap3/operation/search.py", line 215, in parse_filter
raise LDAPInvalidFilterError('malformed filter')
ldap3.core.exceptions.LDAPInvalidFilterError: malformed filter
user.username)
File "/usr/local/lib/python3.5/site-packages/airflow/contrib/auth/backends/ldap_auth.py", line 76, in group_contains_user
attributes=[native(user_name_attr)]):
File "/usr/local/lib/python3.5/site-packages/ldap3/core/connection.py", line 779, in search
check_names=self.check_names)
File "/usr/local/lib/python3.5/site-packages/ldap3/operation/search.py", line 372, in search_operation
request['filter'] = compile_filter(parse_filter(search_filter, schema, auto_escape, auto_encode, validator, check_names).elements[0]) # parse the searchFilter string and compile it starting from the root node
File "/usr/local/lib/python3.5/site-packages/ldap3/operation/search.py", line 215, in parse_filter
raise LDAPInvalidFilterError('malformed filter')
ldap3.core.exceptions.LDAPInvalidFilterError: malformed filter
The text was updated successfully, but these errors were encountered: