Nanocloud/nanocloud

LDAP authentication only works with an email address as username

Closed this issue · 0 comments

marc-cabocel commented

=== Version ===

  • v2.1.1

=== Steps to reproduce ===

  • Setup Nanocloud v2.1.1 (on AWS)
  • As an admin, go to Configuration > LDAP.
  • Enable LDAP and configure it
  • On the LDAP server side, create a user with a login which is not an email address, for instance svr_nanocloud-m
  • Now log off the admin panel
  • Try to log in with your ldap user credentials

=== Expected Result ===

  • Working

=== Actual Result ===

  • Not working
  • Nothing is being displayed in the GUI
  • By checking the logs, there is an exception raised :

_0|app | You have triggered an unhandledRejection, you may have forgotten to catch a Promise rejection:
0|app | Error (E_VALIDATION) :: 1 attribute is invalid
0|app | at WLValidationError.WLError (/opt/back/node_modules/waterline/lib/waterline/error/WLError.js:25:15)
0|app | at new WLValidationError (/opt/back/node_modules/waterline/lib/waterline/error/WLValidationError.js:19:28)
0|app | at _afterValidating (/opt/back/node_modules/waterline/lib/waterline/query/validate.js:53:23)
0|app | at allValidationsChecked (/opt/back/node_modules/waterline/lib/waterline/core/validations.js:265:12)
0|app | at /opt/back/node_modules/waterline/node_modules/async/lib/async.js:52:16
0|app | at Object.async.forEachOf.async.eachOf (/opt/back/node_modules/waterline/node_modules/async/lib/async.js:236:30)
0|app | at Object.async.forEach.async.each (/opt/back/node_modules/waterline/node_modules/async/lib/async.js:209:22)
0|app | at Validator.validate (/opt/back/node_modules/waterline/lib/waterline/core/validations.js:144:9)
0|app | at /opt/back/node_modules/waterline/lib/waterline/query/validate.js:42:25
0|app | at /opt/back/node_modules/waterline/node_modules/async/lib/async.js:718:13
0|app | at Immediate.iterate (/opt/back/node_modules/waterline/node_modules/async/lib/async.js:262:13)
0|app | at runCallback (timers.js:566:20)
0|app | at tryOnImmediate (timers.js:546:5)
0|app | at processImmediate [as immediateCallback] (timers.js:525:5)

  • By checking the code, it seems the error is raised when the informations retrieved from the LDAP server are integrated to the database. More precisely in the file config/passport.js, when the methond setLdapUser() is called.
  • I checked with a username which was formatted as an email address, the error is not raised