
LDAP authentication broken on 3.5.3

Open matheusfillipe opened this issue 3 years ago • 2 comments

Steps to reproduce the problem

After updating to 3.5.3, trying to authenticate redirects to a blank page.

  1. Have LDAP set up in .env.production:
LDAP_ENABLED=true
LDAP_HOST=127.0.0.1
LDAP_PORT=636
LDAP_TLS_NO_VERIFY=true
LDAP_METHOD=simple_tls
LDAP_BASE=ou=[redacted]
LDAP_BIND_DN=[redacted]
LDAP_PASSWORD=[redacted]
LDAP_UID=cn
LDAP_MAIL=mail
LDAP_SEARCH_FILTER=(|(%{uid}=%{email})(%{mail}=%{email}))
LDAP_UID_CONVERSION_ENABLED=true

This was working on previous versions.

  1. Try to log in normally with email or password
  2. You will get a blank page:
<- POST https://social.alive528.com/auth/sign_in
-> 422 Unprocessable Entity

Expected behaviour

Should log in normally as before

Actual behaviour

Now I'm unable to log in

Specifications

I am using Mastodon 3.5.3. I am not sure what version was working before but it was released about 1 year ago.

Here are the Mastodon logs:

Oct 06 08:50:27 [redacted] bundle[267399]: not verifying SSL hostname of LDAPS server '127.0.0.1'
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] method=POST path=/auth/sign_in format=html controller=Auth::SessionsController action=create status=422 error='ActiveRecord::RecordInvalid: Validation failed: E-mail address has already been taken' duration=36.35 view=0.00 db=3.14
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5]
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] ActiveRecord::RecordInvalid (Validation failed: E-mail address has already been taken):
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5]
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/models/concerns/ldap_authenticable.rb:29:in `ldap_get_user'
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/models/concerns/ldap_authenticable.rb:12:in `authenticate_with_ldap'
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/controllers/auth/sessions_controller.rb:61:in `find_user_from_params'
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/controllers/auth/sessions_controller.rb:54:in `find_user'
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/controllers/concerns/two_factor_authentication_concern.rb:11:in `two_factor_enabled?'
Oct 06 08:50:27 [redacted] bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] lib/mastodon/rack_middleware.rb:9:in `call'

matheusfillipe, Oct 06 '22 05:10
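
A small triage script for log output like the excerpt above, added here as an example (not part of the original issue or of Mastodon's code): it groups lines by request ID, reports failed `/auth/sign_in` requests whose backtrace passes through `ldap_authenticable.rb`, and notes whether the "not verifying SSL hostname" warning appears. The sample log is constructed from the lines in the issue; the host name, the second request and the function name `ldap_sign_in_failures` are assumptions.

```ruby
# Constructed sample, shaped like the log excerpt in the issue ("host" is a placeholder).
SAMPLE_LOG = <<~'LOG'
  Oct 06 08:50:27 host bundle[267399]: not verifying SSL hostname of LDAPS server '127.0.0.1'
  Oct 06 08:50:27 host bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] method=POST path=/auth/sign_in format=html controller=Auth::SessionsController action=create status=422 error='ActiveRecord::RecordInvalid: Validation failed: E-mail address has already been taken' duration=36.35 view=0.00 db=3.14
  Oct 06 08:50:27 host bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/models/concerns/ldap_authenticable.rb:29:in `ldap_get_user'
  Oct 06 08:50:27 host bundle[267399]: [4c140439-7d25-4c4b-98cc-424e8da11cf5] app/controllers/auth/sessions_controller.rb:61:in `find_user_from_params'
  Oct 06 08:51:02 host bundle[267399]: [aaaaaaaa-0000-4000-8000-000000000001] method=POST path=/auth/sign_in format=html controller=Auth::SessionsController action=create status=302 duration=80.10 view=0.00 db=5.20
LOG

# "[request-id] rest of line", and a backtrace frame "file.rb:LINE:in `method'".
REQ_LINE = /\[(?<id>\h{8}-\h{4}-\h{4}-\h{4}-\h{12})\]\s?(?<rest>.*)\z/
FRAME    = /\A(?<file>\S+\.rb):(?<line>\d+):in `(?<meth>[^']+)'/

# Hypothetical helper: correlate summary and backtrace lines per request ID and
# keep failed sign-ins (status >= 400) that went through the LDAP concern.
def ldap_sign_in_failures(log)
  requests = Hash.new { |h, k| h[k] = { frames: [] } }
  tls_unverified = false
  log.each_line(chomp: true) do |line|
    tls_unverified ||= line.include?("not verifying SSL hostname of LDAPS server")
    m = REQ_LINE.match(line) or next
    req  = requests[m[:id]]
    rest = m[:rest]
    if rest.start_with?("method=")
      req[:path]   = rest[/path=(\S+)/, 1]
      req[:status] = rest[/status=(\d+)/, 1].to_i
      req[:error]  = rest[/error='([^']*)'/, 1]
    elsif (f = FRAME.match(rest))
      req[:frames] << "#{f[:file]}:#{f[:line]} #{f[:meth]}"
    end
  end
  failures = requests.select do |_, r|
    r[:path] == "/auth/sign_in" && r[:status].to_i >= 400 &&
      r[:frames].any? { |fr| fr.include?("ldap_authenticable.rb") }
  end
  { tls_unverified: tls_unverified, failures: failures }
end

report = ldap_sign_in_failures(SAMPLE_LOG)
puts "LDAPS hostname verification disabled" if report[:tls_unverified]
report[:failures].each do |id, r|
  puts "#{id} status=#{r[:status]} error=#{r[:error]} at #{r[:frames].first}"
end
```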

Any info on this issue?

guymass, Oct 11 '22 16:10

I also have an issue with LDAP and I'm running Mastodon version 4.0.1. I had to set LDAP_ENABLED=false in .env.production in order to get the site back up. Is there any news about how to fix this issue?

guymass, Dec 16 '22 12:12