[Moin-user] Upgraded from 1.5.7 to 1.6.3, LDAP authentication now broken

Greg Keith Greg.Keith at noaa.gov
Mon Jun 16 13:59:29 EDT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Hi all -

Given the quick and helpful reply I received to my earlier question 
(vielen dank Herr Waldmann!), I am posting to the list again. I'm a 
newbie Moin admin running Moin 1.6.3 on a RHEL5.1 box, and I just 
upgraded from 1.5.7 to 1.6.3.

I had spent some time figuring out how to get LDAP authentication to 
work with 1.5.7, and finally got everything working. However, it seems 
that LDAP authentication has changed in 1.6.3, so I followed the 
instructions on 
http://moinmaster.wikiwikiweb.de/HelpOnAuthentication/LDAP (the 1.6 
version of the page) to replace some of the code I had in my wikiconfig.py.

The old version of my wikiconfig.py started off with:

(snip)
from MoinMoin.multiconfig import DefaultConfig

class Config(DefaultConfig):

~    from MoinMoin import auth
~    auth = [auth.ldap_login, auth.moin_cookie]
(snip)

The new version is (emphasis mine):

(snip)
from MoinMoin.*config*.multiconfig import DefaultConfig

class Config(DefaultConfig):

~    from MoinMoin.*auth.ldap_login import ldap_login*
~    *from MoinMoin.auth import moin_session*
~    auth = [*ldap_login, moin_session*]
(snip)

Now when I run the moin command to build my xapian index for searching I 
get the error:

MoinMoin.error.ConfigurationError: ImportError: No module named ldap

I do have a 
/usr/lib/python2.4/site-packages/MoinMoin/auth/ldap_login.py, it does 
seem to list ldap as a module ("import ldap" statement on line 19). My 
moin.cgi and wikiconfig.py are in the same subdir, with the same 
permissions and ownership.
I'm sure there are a myriad of other things that could be wrong, it's 
just that this was working fine under 1.5.7....

I have included the full text of my wikiconfig.py following this, and 
the full error message. Thanks for any advice!

Greg

=========================================
FULL PROMPT AND ERROR


[root at intranet config]# moin --config-dir=/httpd/sysdocs/config 
--wiki-url=(I've omitted this for privacy) index build --mode=add
Traceback (most recent call last):
~  File "/usr/bin/moin", line 6, in ?
~    run()
~  File "/usr/lib/python2.4/site-packages/MoinMoin/script/moin.py", line 
14, in run
~    MoinScript().run(showtime=0)
~  File "/usr/lib/python2.4/site-packages/MoinMoin/script/__init__.py", 
line 138, in run
~    self.mainloop()
~  File "/usr/lib/python2.4/site-packages/MoinMoin/script/__init__.py", 
line 251, in mainloop
~    plugin_class(args[2:], self.options).run() # all starts again there
~  File "/usr/lib/python2.4/site-packages/MoinMoin/script/__init__.py", 
line 138, in run
~    self.mainloop()
~  File 
"/usr/lib/python2.4/site-packages/MoinMoin/script/index/build.py", line 
50, in mainloop
~    self.init_request()
~  File "/usr/lib/python2.4/site-packages/MoinMoin/script/__init__.py", 
line 178, in init_request
~    self.request = request_cli.Request(self.options.wiki_url, 
self.options.page)
~  File 
"/usr/lib/python2.4/site-packages/MoinMoin/request/request_cli.py", line 
31, in __init__
~    RequestBase.__init__(self, properties)
~  File "/usr/lib/python2.4/site-packages/MoinMoin/request/__init__.py", 
line 216, in __init__
~    self._load_multi_cfg()
~  File "/usr/lib/python2.4/site-packages/MoinMoin/request/__init__.py", 
line 381, in _load_multi_cfg
~    self.cfg = multiconfig.getConfig(self.url)
~  File 
"/usr/lib/python2.4/site-packages/MoinMoin/config/multiconfig.py", line 
170, in getConfig
~    cfg = _makeConfig(cfgName)
~  File 
"/usr/lib/python2.4/site-packages/MoinMoin/config/multiconfig.py", line 
122, in _makeConfig
~    raise error.ConfigurationError(msg)
MoinMoin.error.ConfigurationError: ImportError: No module named ldap

Check that the file is in the same directory as the server script. If
it is not, you must add the path of the directory where the file is
located to the python path in the server script. See the comments at
the top of the server script.

Check that the configuration file name is either "wikiconfig.py" or the
module name specified in the wikis list in farmconfig.py. Note that the
module name does not include the ".py" suffix.

==============================================================================
WIKICONFIG.PY FILE (LDAP PORTION)

# -*- coding: iso-8859-1 -*-
# IMPORTANT! This encoding (charset) setting MUST be correct! If you 
live in a
# western country and you don't know that you use utf-8, you probably 
want to
# use iso-8859-1 (or some other iso charset). If you use utf-8 (a Unicode
# encoding) you MUST use: coding: utf-8
# That setting must match the encoding your editor uses when you modify the
# settings below. If it does not, special non-ASCII chars will be wrong.

"""
"""

from MoinMoin.config.multiconfig import DefaultConfig


class Config(DefaultConfig):

~    from MoinMoin.auth.ldap_login import ldap_login
~    from MoinMoin.auth import moin_session
~    auth = [ldap_login, moin_session]

~    import ldap
~    ldap_uri = '(omitted for privacy)'              # ldap / active 
directory server URI
~    ldap_binddn = '(omitted for privacy)'  # DN we use for first bind 
(OpenLDAP)
~    ldap_bindpw = '(omitted for privacy)'                          # 
password we use for first bind
~    ldap_base = '(omitted for privacy)'                          # base 
DN we use for searching
~    ldap_scope = 2                                              # scope 
of the search we do (2 == ldap.SCOPE_SUBTREE)
~    ldap_referrals = 0                                          # (0 
needed for AD)
~    ldap_filter = '(&(sAMAccountName=%(username)s)((omitted for privacy)))'

~    ldap_givenname_attribute = 'givenname'              # ldap 
attribute we get the first name from
~    ldap_surname_attribute = 'sn'                       # ldap 
attribute we get the family name from
~    ldap_aliasname_attribute = 'cn'                     # ldap 
attribute we get the aliasname from
~    ldap_email_attribute = 'mail'                       # ldap 
attribute we get the email address from
~    ldap_email_callback = None                          # the function 
that is called with a dict as the first
~    # argument that provides LDAP data. the function has to return the 
e-mail address that was generated from the dict input

~    ldap_coding = 'utf-8'                               # coding used 
for ldap queries and result values
~    ldap_timeout = 10                                   # how long we 
wait for the ldap server [s]
~    ldap_verbose = True                                 # if True, put 
lots of LDAP debug info into the log
~    cookie_lifetime = 1                                 # 1 hour after 
last access LDAP login is required again
~    user_autocreate = True

~    # TLS / SSL-related configuration
~    ldap_start_tls = 0                                  # 0 = No, 1 = 
Try, 2 = Required
~    ldap_tls_cacertdir = ''
~    ldap_tls_cacertfile = ''
~    ldap_tls_certfile = ''
~    ldap_tls_keyfile = ''
~    ldap_tls_require_cert = ldap.OPT_X_TLS_NEVER

~    ldap_bindonce = False                               # set to True 
to only do one bind. Useful if configured to bind as the user on the 
first attempt




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
 
iD8DBQFIVqoA8IR34NeP2BwRAiV4AJ9cgz/3AfIKFWZ9YlcwZAeqS27ulQCdEqKH
zoq6a/50VHqwnCvW368Td40=
=DmNp
-----END PGP SIGNATURE-----

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/moin-user/attachments/20080616/699727eb/attachment.html>

More information about the Moin-user mailing list