Error integrating DAViCal with OpenLDAP (iRedMail)

Iván Montoro
Hi everybody,

I'm trying to integrate DAViCal with the OpenLDAP installation that iRedMail renders, using the same directory server. I'm using davical-0.9.7.6-0 (RPM), following the default installation method. Authenticating with the "admin" user (read from PostgreSQL) works just fine (I can log in and see all the database objects). I've enabled all debug options with "$c->dbg["ALL"] = 1" in the config file. I have successfully checked the LDAP server against other apps, and I'm authenticating with my username (ivan.montoro).

First of all, I cannot bind anonymously to the LDAP server although I've done it already with ejabberd (no username, no password, login OK); I'm leaving the 'bindDN' and 'passDN' parameters blank, but the Apache log file says:

---
davical: ALL: Login: Login: Attempting login for ivan.montoro, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:drivers_ldap : Connected to LDAP server localhost, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:drivers_ldap : Failed to bind to host localhost on port 389 with bindDN of anonymous, referer: http://www.mydomain.com/caldav/
davical: ***: ERROR:Couldn't contact LDAP server for authentication, referer: http://www.mydomain.com/caldav/
---

That's not a big deal, because using the LDAP administrator username and password ("cn=Manager,dc=mydomain,dc=com" in my case) the LDAP bind works fine, but I would prefer to bind anonymously so no password is stored in the config file. Enabling or disabling 'startTLS' doesn't make a difference.

The problem comes when I try to authenticate. I'm putting in a valid username and password, and DAViCal seems happy with the given credentials. Looking at the logs, it seems that DAViCal is unable to create the "local" (PostgreSQL) copy of the user. The request dies with a blank page in the browser, and I think the problem is between lines 127 and 129 of /usr/share/davical/inc/auth-functions.php.

---
davical: LOG: :==========> method =POST= =http://www.mydomain.com/caldav/index.php= == =/caldav= =/var/www=, referer: http://www.mydomain.com/caldav/
davical: ALL: I18N:Unsupported locale: : >>0<< = >>en<<, referer: http://www.mydomain.com/caldav/
davical: ALL: I18N:Unsupported locale: : >>1<< = >>en.UTF-8<<, referer: http://www.mydomain.com/caldav/
davical: ALL: caldav:Version (0.9.7) == 9.7, referer: http://www.mydomain.com/caldav/
davical: LOG: always: Query: DBGQ: SELECT schema_major, schema_minor, schema_patch FROM awl_db_revision ORDER BY schema_id DESC LIMIT 1;, referer: http://www.mydomain.com/caldav/
davical: LOG: always: Query: DBGQ: Took: 0.001981 for SELECT schema_major, schema_minor, schema_patch FROM awl_db_revision ORDER BY schema_id DESC LIMIT 1; to find 1 rows., referer: http://www.mydomain.com/caldav/
davical: LOG: always: Query: Fetch: Resource id #12 Rows: 1, Rownum: -1, referer: http://www.mydomain.com/caldav/
davical: ALL: Login: Login: Attempting login for ivan.montoro, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:drivers_ldap : Connected to LDAP server localhost, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:drivers_ldap : Found a user using filter (&(objectclass=*)(uid=ivan.montoro)), referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:drivers_ldap : Bound to user mail=[hidden email],ou=Users,domainName=mydomain.com,o=domains,dc=mydomain,dc=com using password ********, referer: http://www.mydomain.com/caldav/
davical: LOG: always: Query: DBGQ: SELECT *, to_char(updated at time zone 'GMT','Dy, DD Mon IYYY HH24:MI:SS "GMT"') AS modified FROM usr WHERE lower(username) = lower(E'ivan.montoro') , referer: http://www.mydomain.com/caldav/
davical: LOG: always: Query: DBGQ: Took: 0.002271 for SELECT *, to_char(updated at time zone 'GMT','Dy, DD Mon IYYY HH24:MI:SS "GMT"') AS modified FROM usr WHERE lower(username) = lower(E'ivan.montoro') to find 0 rows., referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:user ivan.montoro doesn't exist in local DB, we need to create it, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Going to sync the user from LDAP, referer: http://www.mydomain.com/caldav/
davical: ALL: DataUpdate::get_fields: Loaded fields for table 'usr', referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: DBGQ: SELECT f.attname, t.typname FROM pg_attribute f JOIN pg_class c ON ( f.attrelid = c.oid ) JOIN pg_type t ON ( f.atttypid = t.oid ) WHERE relname = E'usr' AND attnum >= 0 order by f.attnum;, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: DBGQ: Took: 0.002733 for SELECT f.attname, t.typname FROM pg_attribute f JOIN pg_class c ON ( f.attrelid = c.oid ) JOIN pg_type t ON ( f.atttypid = t.oid ) WHERE relname = E'usr' AND attnum >= 0 order by f.attnum; to find 13 rows., referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: -1, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 0, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 1, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 2, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 3, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 4, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 5, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 6, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 7, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 8, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 9, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 10, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 11, referer: http://www.mydomain.com/caldav/
davical: LOG: DataUpdate: Query: Fetch: Resource id #25 Rows: 13, Rownum: 12, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Considering copying username, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Setting usr->username to ivan.montoro from LDAP field uid, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Considering copying updated, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Setting usr->updated to 2010-01-13 14:27:07 from LDAP field modifyTimestamp, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Considering copying fullname, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Setting usr->fullname to Iv\xc3\xa1n Montoro from LDAP field cn, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Considering copying email, referer: http://www.mydomain.com/caldav/
davical: ALL: LDAP:Setting usr->email to [hidden email] from LDAP field mail, referer: http://www.mydomain.com/caldav/
davical: LOG: Login: Query: DBGQ: SELECT nextval('usr_user_no_seq');, referer: http://www.mydomain.com/caldav/
davical: LOG: Login: Query: DBGQ: Took: 0.001121 for SELECT nextval('usr_user_no_seq'); to find 1 rows., referer: http://www.mydomain.com/caldav/
davical: LOG: Login: Query: Fetch: Resource id #26 Rows: 1, Rownum: -1, referer: http://www.mydomain.com/caldav/
davical: LOG: Login: Query: DBGQ: SELECT * FROM usr WHERE user_no = 1009;, referer: http://www.mydomain.com/caldav/
davical: LOG: Login: Query: DBGQ: Took: 0.000502 for SELECT * FROM usr WHERE user_no = 1009; to find 0 rows., referer: http://www.mydomain.com/caldav/
---

This is my config file:
---
<?php
  $c->admin_email  = '[hidden email]';
  $c->pg_connect[] = 'dbname=davical user=davical_app port=5432';

  $c->authenticate_hook['call'] = 'LDAP_check';
  $c->authenticate_hook['config'] = array(
    'host'          => 'localhost',
    'port'          => 389,
    'bindDN'        => 'cn=Manager,dc=mydomain,dc=com',
    'passDN'        => '********',
    'baseDNUsers'   => 'dc=mydomain,dc=com',
    'filterUsers' => 'objectclass=*',
    'protocolVersion' => 3,
    'startTLS'      => true,
    'mapping_field' => array(
                             'username' => 'uid',
                             'updated'  => 'modifyTimestamp',
                             'fullname' => 'cn', // "Common Name"
//                           'user_no'  => 'uidNumber', // Set DAViCAL user no to match Unix uid from LDAP
                             'email'    => 'mail'), //used to create the user based on his LDAP properties
    'format_updated'=> array('Y' => array(0,4),
                             'm' => array(4,2),
                             'd' => array(6,2),
                             'H' => array(8,2),
                             'M' => array(10,2),
                             'S' => array(12,2)), // map LDAP "modifyTimestamp" field to SQL "updated" field
  );
  include('drivers_ldap.php');

$c->dbg["ALL"] = 1;
---

Thanks for the help,

Iván
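
A stand-alone way to test each LDAP step seen in the log (connect, StartTLS, bind, user search) outside DAViCal, using PHP's ldap extension with the host, base DN and filter from the config above. This is an added example, not part of the original post and not DAViCal's code; the command-line uid argument and the `stage_failed` helper are assumptions made for illustration.

```php
<?php
// Added diagnostic (not DAViCal code). Values mirror the posted config;
// bindDN/passDN are left blank to test the anonymous bind the post asks about.
$cfg = [
    'host' => 'localhost', 'port' => 389, 'protocolVersion' => 3,
    'startTLS' => true, 'bindDN' => '', 'passDN' => '',
    'baseDNUsers' => 'dc=mydomain,dc=com', 'filterUsers' => 'objectclass=*',
];
$uid = $argv[1] ?? 'ivan.montoro';   // hypothetical CLI argument

// Print the numeric LDAP result, its text and the server's diagnostic, then stop.
function stage_failed($ds, string $stage): void {
    $detail = '';
    ldap_get_option($ds, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    fprintf(STDERR, "%s failed: [%d] %s %s\n",
            $stage, ldap_errno($ds), ldap_error($ds), $detail);
    exit(1);
}

$ds = ldap_connect(sprintf('ldap://%s:%d', $cfg['host'], $cfg['port']));
if ($ds === false) { fwrite(STDERR, "invalid LDAP URI\n"); exit(1); }
ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $cfg['protocolVersion']);
ldap_set_option($ds, LDAP_OPT_REFERRALS, 0);

if ($cfg['startTLS'] && !@ldap_start_tls($ds)) stage_failed($ds, 'StartTLS');

// No DN and no password = anonymous bind; otherwise a simple bind.
$ok = $cfg['bindDN'] === ''
    ? @ldap_bind($ds)
    : @ldap_bind($ds, $cfg['bindDN'], $cfg['passDN']);
if (!$ok) stage_failed($ds, 'bind');

// Same filter shape as in the log; the uid is escaped for use in a filter.
$filter = sprintf('(&(%s)(uid=%s))', $cfg['filterUsers'],
                  ldap_escape($uid, '', LDAP_ESCAPE_FILTER));
// modifyTimestamp is operational, so it must be requested by name.
$attrs = ['uid', 'cn', 'mail', 'modifyTimestamp'];
$res = @ldap_search($ds, $cfg['baseDNUsers'], $filter, $attrs);
if ($res === false) stage_failed($ds, 'search');

$entries = ldap_get_entries($ds, $res);   // attribute keys come back lowercased
printf("%d match(es) for %s\n", $entries['count'], $filter);
for ($i = 0; $i < $entries['count']; $i++) {
    printf("dn: %s\n", $entries[$i]['dn']);
    foreach ($attrs as $a) {
        printf("  %s: %s\n", $a, $entries[$i][strtolower($a)][0] ?? '(not readable)');
    }
}
ldap_unbind($ds);
```

Attributes reported as not readable are the ones the directory's access rules hide from the identity that bound. Running the script once anonymously and once with a dedicated read-only bindDN shows whether the mapped fields can be read without putting the Manager password in the config.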
_______________________________________________
rscds-general mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/rscds-general