You are here: Foswiki>Support Web>SupportQuestions>Question1952 (08 Aug 2018, NixNooi)Edit Attach
This question about : Answered

IgnoreNonAsciiInLdap

-- NixNooi - 08 Aug 2018

  • output has been sanitized

  • I upgraded from Foswiki Release 1.1.3 to Foswiki version v2.1.4.
  • I brought over my debug lines in LdapContrib.pm
  • using the NEW v2.1.4. ... I could not run ./view refreshldap=on Main/WebHome - it crashed leaving the lock (see error message below)
  • the browser based push the button crashed out as well
  • BUT the old 1.1.3 ./view refreshldap=on Main/WebHome worked - using the same LDAP creds in both
  • my initial solution was to refresh the cache using the old code and then copy the cache in to the new version

This is what my file looks like today with hack/fix and debug lines

  • File: /sa001/wiki2/Foswiki2/lib/Foswiki/Contrib/LdapContrib.pm. My files is edited it so the line numbers are as they are in mine 
   1440   # get primary group
   1441   if ($this->{primaryGroupAttribute}) {
   1442     my $groupId = $this->getValue($entry, $this->{primaryGroupAttribute});
   1443     $this->{_primaryGroup}{$groupId}{$loginName} = 1 if $groupId;    # delayed
   1444   }
   1445 
   1446 ##########
   1447 if ( $dn =~ /[^[:ascii:]]+/ ) {
   1448   writeDebug("GE5 bailing hard  dn='$dn'");
   1449     print "Non-English\n";
   1450   return 1;
   1451 }
   1452 ##s/[^[:ascii:]]+//g;  # get rid of non-ASCII characters
   1453   writeDebug("GE1 adding wikiName='$wikiName', loginName='$loginName', dn='$dn'");
   1454 ##########
   1455 
   1456   # store it
   1457   writeDebug("adding wikiName='$wikiName', loginName='$loginName', dn='$dn'");
   1458   $data->{"U2W::$loginName"} = $wikiName;
   1459   $data->{"W2U::$wikiName"} = $loginName;
   1460   $data->{"DN2U::$dn"} = $loginName;
   1461   $data->{"U2DN::$loginName"} = $dn;
   1462   $data->{"U2EMAIL::$loginName"} = join(',', @$emails);
   1463

My added debug showed there was clearly an issue with the charcters in CN=Einstein Training Room – 8 seats - they showed weird on the screen and some place it was a 'wide word'. These characters stopped my LDAP refresh dead in it's tracks. Basically breaking LDAP for me. (( below shows the problem .. but the lines are from post fix )) 
- LdapContrib - GE1 in DN  dn='CN=Einstein Training Room â<80><93> 8 seats,OU=Users,OU=USA,OU=NORAM,DC=fss,DC=,DC=com'
- LdapContrib - found prevWikiName=EinsteinTrainingRoom8Seats for einsteintrainingroom8seats@.com
- LdapContrib - GE5 bailing hard  dn='CN=Einstein Training Room – 8 seats,OU=Users,OU=USA,OU=NORAM,DC=fss,DC=,DC=com'
- LdapContrib - GE1 in DN  dn='CN=Faraday Training Room â<80><93> 8 seats,OU=Users,OU=USA,OU=NORAM,DC=fss,DC=,DC=com'
- LdapContrib - found prevWikiName=FaradayTrainingRoom8Seats for faradaytrainingroom8seats@.com
- LdapContrib - GE5 bailing hard  dn='CN=Faraday Training Room – 8 seats,OU=Users,OU=USA,OU=NORAM,DC=fss,DC=,DC=com'

</verbatim>

below some DEBUG from before the fix 
- LdapContrib - GE1 adding wikiName='EinsteinTrainingRoom8Seats', loginName='einsteintrainingroom8seats@ar.com', dn                                                                         ='CN=Einstein Training Room – 8 seats,OU=Users,OU=USA,OU=NORAM,DC=fss,DC=,DC=com'                                                                                                         
- LdapContrib - adding wikiName='EinsteinTrainingRoom8Seats', loginName='einsteintrainingroom8seats@ar.com', dn='CN                                                                                 Foswiki::Contrib::LdapContrib::cacheUserFromEntry(Foswiki::Contrib::LdapContrib=HASH(0x3c826c8), Net::LDAP::Entry=HASH(0x47db560), HASH(0x3ae3e48), HASH(0x3aefcb8), HASH(0x3aefd00)) called at /sa001/wiki2/Foswiki2/lib/Foswiki/Contrib/LdapContrib.pm line 1052

  • Since I can not fix the content of the entire enterprise LDAP, I coded to ignored entries with the wide characters. I would have nuked them in the DN if I had to, but just returning seems to work fine today. I only need to refresh when a new person joins our team - so this is good enough for me.
  • why the old code works and not the new is beyond me - this hack was faster than understanding the entire LDAP code tree
    • So my ugly hack to just ignore weird things in the DN 
   
   1447 if ( $dn =~ /[^[:ascii:]]+/ ) {
   1448   writeDebug("GE5 bailing hard  dn='$dn'");
   1449     print "Non-English\n";
   1450   return 1;
   1451 }

 

QuestionForm edit

Subject
Extension LdapContrib
Version Foswiki 2.1.4
Status Answered
Related Topics
Edit  | Attach | Print version | History: r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r1 - 08 Aug 2018, NixNooi
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy