From 7047dd45f697e21702cc90d09a33043243af9bb8 Mon Sep 17 00:00:00 2001 From: Florian Best Date: Fri, 29 Mar 2019 08:11:33 +0100 Subject: [PATCH] Bug #48990: handle new server credentials --- .../univention-management-console-web-server | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/management/univention-management-console/univention-management-console-web-server b/management/univention-management-console/univention-management-console-web-server index f162dc7c3ea..7fa7386f454 100755 --- a/management/univention-management-console/univention-management-console-web-server +++ b/management/univention-management-console/univention-management-console-web-server @@ -64,6 +64,7 @@ import univention.debug as ud from univention.management.console.protocol import Request, Response, Client, NoSocketError, TEMPUPLOADDIR from univention.management.console.log import CORE, log_init, log_reopen from univention.management.console.config import ucr, get_int +from univention.management.console.ldap import get_machine_connection, reset_cache from saml2 import BINDING_HTTP_POST, BINDING_HTTP_ARTIFACT, BINDING_HTTP_REDIRECT from saml2.client import Saml2Client @@ -73,19 +74,11 @@ from saml2.s_utils import UnknownPrincipal, UnsupportedBinding, rndstr from saml2.sigver import MissingKey, SignatureError from univention.lib.i18n import NullTranslation -from univention.admin.uldap import getMachineConnection _ = NullTranslation('univention-management-console-frontend').translate _session_timeout = get_int('umc/http/session/timeout', 300) -def _get_ldap_connection(): - if _get_ldap_connection._lo is None: - _get_ldap_connection._lo = getMachineConnection(ldap_master=False)[0] - return _get_ldap_connection._lo -_get_ldap_connection._lo = None - - def sessionidhash(): session = '%s%s%s%s' % (cherrypy.request.headers.get('Authorization', ''), cherrypy.request.headers.get('Accept-Language', ''), get_ip_address(), sessionidhash.salt) return hashlib.sha256(session).hexdigest()[:36] @@ -376,13 +369,14 @@ class User(object): def get_user_groups(self): try: - lo = _get_ldap_connection() + lo = get_machine_connection(write=False)[0] user_dn = lo.searchDn(ldap.filter.filter_format('(&(uid=%s)(objectClass=person))', (self.username,)))[0] user_groups = lo.search(base=user_dn, scope='base', attr=['memberOf']) return user_groups[0][1]['memberOf'] except KeyError: CORE.info('Could not get groups for %r: Maybe memberof overlay module is inactive' % (self.username,)) except Exception: + reset_cache() CORE.error('Could not get groups for %r: %s' % (self.username, traceback.format_exc())) def reset_timeout(self):