django-cas-server communicate with windows activity directory

[leeyangit]

Hi,
I am use the activity directory to be an backend, and the ldap mode is bind. sometimes, it is wrong.

The error message is:

File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 783, in __bootstrap
  self.__bootstrap_inner()
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 810, in __bootstrap_inner
  self.run()
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 763, in run
  self.__target(*self.__args, **self.__kwargs)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/SocketServer.py", line 599, in process_request_thread
  self.finish_request(request, client_address)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/SocketServer.py", line 334, in finish_request
  self.RequestHandlerClass(request, client_address, self)
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/SocketServer.py", line 655, in __init__
  self.handle()
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/servers/basehttp.py", line 155, in handle
  handler.run(self.server.get_app())
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/wsgiref/handlers.py", line 85, in run
  self.result = application(self.environ, self.start_response)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/contrib/staticfiles/handlers.py", line 63, in __call__
  return self.application(environ, start_response)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/wsgi.py", line 157, in __call__
  response = self.get_response(request)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/base.py", line 124, in get_response
  response = self._middleware_chain(request)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/exception.py", line 43, in inner
  response = response_for_exception(request, exc)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/exception.py", line 93, in response_for_exception
  response = handle_uncaught_exception(request, get_resolver(get_urlconf()), sys.exc_info())
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/exception.py", line 135, in handle_uncaught_exception
  extra={'status_code': 500, 'request': request},
File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/logging/__init__.py", line 1506, in _LogErrorReplacement
  """
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/exception.py", line 41, in inner
  response = get_response(request)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/base.py", line 249, in _legacy_get_response
  response = self._get_response(request)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/base.py", line 187, in _get_response
  response = self.process_exception_by_middleware(e, request)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/core/handlers/base.py", line 185, in _get_response
  response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/views/decorators/debug.py", line 76, in sensitive_post_parameters_wrapper
  return view(request, *args, **kwargs)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/views/generic/base.py", line 68, in view
  return self.dispatch(request, *args, **kwargs)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/views/generic/base.py", line 88, in dispatch
  return handler(request, *args, **kwargs)
 File "/Users/leyan/devops/cas/cas_server/views.py", line 499, in post
  ret = self.process_post()
 File "/Users/leyan/devops/cas/cas_server/views.py", line 567, in process_post
  if self.form.is_valid():
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/forms/forms.py", line 183, in is_valid
  return self.is_bound and not self.errors
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/forms/forms.py", line 175, in errors
  self.full_clean()
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/forms/forms.py", line 385, in full_clean
  self._clean_form()
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/django/forms/forms.py", line 412, in _clean_form
  cleaned_data = self.clean()
 File "/Users/leyan/devops/cas/cas_server/forms.py", line 126, in clean
  auth = utils.import_attr(settings.CAS_AUTH_CLASS)(cleaned_data["username"])
 File "/Users/leyan/devops/cas/cas_server/auth.py", line 299, in __init__
  attributes=unicode(ldap3.ALL_ATTRIBUTES)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/ldap3/core/connection.py", line 788, in search
  response = self.post_send_search(self.send('searchRequest', request, controls))
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/ldap3/strategy/base.py", line 299, in send
  self.sending(ldap_message)
File "/Users/leyan/.pyenv/versions/cas/lib/python2.7/site-packages/ldap3/strategy/base.py", line 834, in sending
  raise communication_exception_factory(LDAPSocketSendError, type(e)(str(e)))(self.connection.last_error)

ldap3.core.exceptions.LDAPSocketSendError: socket sending error[Errno 32] Broken pipe

Is someone have the same error?

Here are my work envirenment:
certifi 2018.11.29
chardet 3.0.4
Django 1.11.18
django-auth-ldap 1.1.4
futures 3.2.0
idna 2.8
ldap 1.0.2
ldap3 2.5.2
lxml 4.3.0
MySQL-python 1.2.5
pip 18.1
pyasn1 0.4.5
python-ldap 2.4.13
pytz 2018.9
PyYAML 3.13
requests 2.21.0
requests-futures 0.9.9
setuptools 40.6.3
six 1.12.0
urllib3 1.24.1
uWSGI 2.0.17.1
wheel 0.32.3

[leeyangit]

Hi,
I have solve the problem, the reason is connection from cas-server to ldap server is closed, but django-cas-server still use it.

just change:

    def __init__(self, username):
        if not ldap3:
            raise RuntimeError("Please install ldap3 before using the LdapAuthUser backend")
        if not settings.CAS_LDAP_BASE_DN:
            raise ValueError(
                "You must define CAS_LDAP_BASE_DN for using the ldap authentication backend"
            )
        # in case we got deconnected from the database, retry to connect 2 times
        for retry_nb in range(3):
            try:
                conn = self.get_conn()
                if conn.search(
                    settings.CAS_LDAP_BASE_DN,
                    settings.CAS_LDAP_USER_QUERY % ldap3.utils.conv.escape_bytes(username),
                    attributes=ldap3.ALL_ATTRIBUTES
                ) and len(conn.entries) == 1:
                    # try the new ldap3>=2 API

to

    def get_conn(cls):
        """Return a connection object to the ldap database"""
        conn = cls._conn
        if conn is None or conn.closed:
            conn = ldap3.Connection(
                settings.CAS_LDAP_SERVER,
                settings.CAS_LDAP_USER,
                settings.CAS_LDAP_PASSWORD,
                auto_bind=True
            )
            cls._conn = conn
        return conn

    def __init__(self, username):
        if not ldap3:
            raise RuntimeError("Please install ldap3 before using the LdapAuthUser backend")
        if not settings.CAS_LDAP_BASE_DN:
            raise ValueError(
                "You must define CAS_LDAP_BASE_DN for using the ldap authentication backend"
            )
        # in case we got deconnected from the database, retry to connect 2 times
        for retry_nb in range(3):
            try:
                #conn = self.get_conn()
                conn = ldap3.Connection(
                    settings.CAS_LDAP_SERVER,
                    settings.CAS_LDAP_USER,
                    settings.CAS_LDAP_PASSWORD,
                    auto_bind=True
                )
                if conn.search(
                    settings.CAS_LDAP_BASE_DN,
                    settings.CAS_LDAP_USER_QUERY % ldap3.utils.conv.escape_bytes(username),
                    attributes=ldap3.ALL_ATTRIBUTES
                ) and len(conn.entries) == 1:

in auth.py

the problem is solved

[nitmir]

Hi,

I think f4ece7f fix this issue (if you cloud try)