3330: Error 500 while trying to authenticate to AD

markd*****@gmai***** (Google Code) (Is this you? Claim this profile.)
May 7, 2014 
What version are you running?
2.0 RC2


What's the URL of the page containing the problem?
http://localhost


What steps will reproduce the problem?
1.Don't have AD server's cert
2.Set up auth for AD
3. Try to log in

What is the expected output? What do you see instead?
I would expect a graceful failure, perhaps a message about the missing cert. Instead there is an Error 500. This is probably due to an exception. The traceback is:


Traceback (most recent call last):

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/core/handlers/base.py", line 114, in get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/views/decorators/debug.py", line 75, in sensitive_post_parameters_wrapper
    return view(request, *args, **kwargs)

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/utils/decorators.py", line 99, in _wrapped_view
    response = view_func(request, *args, **kwargs)

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/views/decorators/cache.py", line 52, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/contrib/auth/views.py", line 36, in login
    if form.is_valid():

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/forms/forms.py", line 129, in is_valid
    return self.is_bound and not bool(self.errors)

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/forms/forms.py", line 121, in errors
    self.full_clean()

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/forms/forms.py", line 274, in full_clean
    self._clean_form()

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/forms/forms.py", line 300, in _clean_form
    self.cleaned_data = self.clean()

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/contrib/auth/forms.py", line 189, in clean
    password=password)

  File "/usr/lib/python2.6/site-packages/Django-1.6.2-py2.6.egg/django/contrib/auth/__init__.py", line 49, in authenticate
    user = backend.authenticate(**credentials)

  File "/usr/lib/python2.6/site-packages/ReviewBoard-2.0rc2-py2.6.egg/reviewboard/accounts/backends.py", line 624, in authenticate
    for con in connections:

  File "/usr/lib/python2.6/site-packages/ReviewBoard-2.0rc2-py2.6.egg/reviewboard/accounts/backends.py", line 591, in get_ldap_connections
    con.start_tls_s()

  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 540, in start_tls_s
    return self._ldap_call(self._l.start_tls_s)

  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)

CONNECT_ERROR: {'info': "TLS error -8179:Peer's Certificate issuer is not recognized.", 'desc': 'Connect error'}


<WSGIRequest
path:/account/login/,
GET:<QueryDict: {}>,
POST:<QueryDict: {u'username': [u'********************'], u'csrfmiddlewaretoken': [u'********************'], u'password': [u'********************'], u'next': [u'********************']}>,
COOKIES:{'VISITORID': '1820391559',
'WT_FPC': 'id=80e473c3-959e-4c36-b2b1-b3972ccc9965:lv=1398190302505:ss=1398190302505',
'__unam': '458d6a-144090aa2b2-53f0bfda-2',
'__utma': '78019215.1765578840.1386692650.1391721073.1397094137.3',
'__utmz': '78019215.1397094137.3.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)',
'_bcvm_vrid_2016838639941648182': '197957668593634346',
'csrftoken': 'M6P4Pns2m0H1xaJ4PheY98dCzUTt5U4Q',
'rbsessionid': 'e2fq7w4cuant8ea33qaxui4c0glxqpx8'},
META:{'CONTENT_LENGTH': '101',
'CONTENT_TYPE': 'application/x-www-form-urlencoded',
u'CSRF_COOKIE': u'M6P4Pns2m0H1xaJ4PheY98dCzUTt5U4Q',
'DOCUMENT_ROOT': '/var/www/<server>/htdocs',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
'HTTP_ACCEPT_ENCODING': 'gzip, deflate',
'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.5',
'HTTP_CONNECTION': 'keep-alive',
'HTTP_COOKIE': 'WT_FPC=id=80e473c3-959e-4c36-b2b1-b3972ccc9965:lv=1398190302505:ss=1398190302505; __utma=78019215.1765578840.1386692650.1391721073.1397094137.3; _bcvm_vrid_2016838639941648182=197957668593634346; VISITORID=1820391559; __unam=458d6a-144090aa2b2-53f0bfda-2; csrftoken=M6P4Pns2m0H1xaJ4PheY98dCzUTt5U4Q; rbsessionid=e2fq7w4cuant8ea33qaxui4c0glxqpx8; __utmz=78019215.1397094137.3.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)',
'HTTP_DNT': '1',
'HTTP_HOST': '<server>.net',
'HTTP_REFERER': 'http://<server>.net/account/login/?next=/r/',
'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:29.0) Gecko/20100101 Firefox/29.0',
'PATH_INFO': u'/account/login/',
'PATH_TRANSLATED': '/var/www/<server>.net/htdocs/reviewboard.wsgi/account/login/',
'QUERY_STRING': '',
'REMOTE_ADDR': '172.29.7.248',
'REMOTE_PORT': '62740',
'REQUEST_METHOD': 'POST',
'REQUEST_URI': '/account/login/',
'SCRIPT_FILENAME': '/var/www/<server>.net/htdocs/reviewboard.wsgi',
'SCRIPT_NAME': u'',
'SERVER_ADDR': '10.150.16.155',
'SERVER_ADMIN': 'root@localhost',
'SERVER_NAME': '<server>.net',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.1',
'SERVER_SIGNATURE': '<address>Apache/2.2.15 (CentOS) Server at <server>.net Port 80</address>\n',
'SERVER_SOFTWARE': 'Apache/2.2.15 (CentOS)',
'mod_ssl.is_https': <built-in method ssl_is_https of mod_wsgi.Adapter object at 0x7f735200ee40>,
'mod_ssl.var_lookup': <built-in method ssl_var_lookup of mod_wsgi.Adapter object at 0x7f735200ee40>,
'mod_wsgi.application_group': '<server>.net|',
'mod_wsgi.callable_object': 'application',
'mod_wsgi.handler_script': '',
'mod_wsgi.input_chunked': '0',
'mod_wsgi.listener_host': '',
'mod_wsgi.listener_port': '80',
'mod_wsgi.process_group': '',
'mod_wsgi.request_handler': 'wsgi-script',
'mod_wsgi.script_reloading': '1',
'mod_wsgi.version': (3, 2),
'wsgi.errors': <mod_wsgi.Log object at 0x7f7354876630>,
'wsgi.file_wrapper': <built-in method file_wrapper of mod_wsgi.Adapter object at 0x7f735200ee40>,
'wsgi.input': <mod_wsgi.Input object at 0x7f7354844ef0>,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 1)}>



What operating system are you using? What browser?
Centos 6. Mac Firefox v29


Please provide any additional information below.
The problem is not that the cert is missing. The problem is the lack of a nice error message.
#1 ste****@gallaghe********* (Google Code) (Is this you? Claim this profile.) 
Looks like someone beat me to it. This issue should be fixed by ab655f95ee3dce3805cafbd016d83a645af9417b (Reviewed at https://reviews.reviewboard.org/r/5701/)
#2 markd*****@gmai***** (Google Code) (Is this you? Claim this profile.) 
Yes I see. thanks!
david
#3 david 
This is my favorite kind of bug.
  • +Fixed