I'm on Rails 5.2 and I have devise with LDAP setup and working in Development. Deploying to prod with capistrano though it errors out when put my username and password in. I get a nomethod error in devise::sessions::create. undefined method `[]' for nil:NilClass. This is the section that errors out:
end
ldap_options = params
ldap_config["ssl"] = :simple_tls if ldap_config["ssl"] === true
ldap_options[:encryption] = ldap_config["ssl"].to_sym if ldap_config["ssl"]
#ldap = Net::LDAP.new(ldap_options)
Here is my LDAP config:
authorizations: &AUTHORIZATIONS
required_groups:
- CN=GROUP1,OU=Users,OU=mysite,DC=ad,DC=com
## Environment
development:
host: mysite.com
port: 389
attribute: sAMAccountName
base: dc=ad,dc=com
admin_user: user
admin_password: password
ssl: false
<<: *AUTHORIZATIONS
production:
host: mysite.com
port: 389
attribute: sAMAccountName
base: dc=ad,dc=com
admin_user: user
admin_password: password
ssl: false
<<: *AUTHORIZATIONS
Any thoughts on why this only does this in production?
I figured it out! In my LDAP.yml file the production connection section was indented by one space. This was causing it to not load the config correctly. Aligning the productions ection to the left all the way fixed it. Everything is working now.
Related
I add to configuration.yml email settings. But notifications not come to email. I try to send test mail from settings page, but also I doesn`t recieve any emails.
configuration.yml:
default:
email_delivery:
smtp_settings:
address: mail.mysite.ru
port: 587
authentication: :login
user_name: "redmine#mysite.ru"
password: "mypass"
Production.log (https://yadi.sk/d/31jli2yOiraHn1) doesn`t contains mail errors, redmine.error.log is empty.
I don't know if you're missing smtp settings for development/production environment. If so, try
default: &default
email_delivery:
smtp_settings:
# Your settings
development:
<<: *default
production:
<<: *default
# Override default settings if necessary
user_name: "redmine#othersite.ru"
password: "otherpass"
Since you're using port 587, I suppose your smtp server uses StartTLS to secure mail exchanges. So you have to add the following line in your smtp_settings:
enable_starttls_auto: true
And if the smtp server is using untrusted SSL certification, then add this line too:
openssl_verify_mode: 'none'
Try sending email again. If still not working, then try changing authentication: :login to authentication: :plain.
I am new to LDAP and been playing around with this for a while now. I have a rails app where I need to authenticate a user if he is from a group. I tried few params but got nothing to work. Any help would be appreciated. Thanks in advance.
Here is the devise_ldap settings and terminal output.
devise_ldap settings - ldap.yml
authorizations: &AUTHORIZATIONS
group_base: dc=skcript,dc=com
required_groups:
- ou=try1,dc=skcript,dc=com
- ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
require_attribute:
objectClass: inetOrgPerson
authorizationRole: postsAdmin
development:
host: localhost
port: 389
attribute: "uid"
base: ou=try1,dc=skcript,dc=com
admin_user: cn=admin,dc=skcript,dc=com
admin_password: password
ssl: false
<<: *AUTHORIZATIONS
This should work :
authorizations: &AUTHORIZATIONS
group_base: dc=skcript,dc=com
require_attribute:
objectClass: inetOrgPerson
authorizationRole: postsAdmin
uniqueMember: ou=try1,dc=skcript,dc=com
required_groups checks your group dn against the uniqueMember attribute by default.
Check that the attribute storing group data in your LDAP server has the same name.
Don't forget to set this in your devise.rb :
config.ldap_check_attributes = true
For more information : https://github.com/cschiewek/devise_ldap_authenticatable/issues/96
My team has setup my ruby on rails app to work with devise ldap. Whenever a user logs in for the first time, it creates a new entry in the Users model and works completely fine. But whenever a user that already exist in the Users database tries to login it gives the following error:
NoMethodError in Devise::SessionsController#create
undefined method `to' for nil:NilClass
From looking at the server console, it seems like it is failing on this SQL statement:
SELECT `users`.* FROM `users` WHERE `users`.`username` = 'jDoe' LIMIT 1
I think the server is getting no results from that query.
But whenever I run that same sql statement in the ruby console, it gives the correct result (the record of the user attempting to login)
Here are some of my devise configs. I am new to devise and ruby (and I also didn't install the devise) so let me know if you need other config files to debug this problem.
initializers/devise.rb
Devise.setup do |config|
config.ldap_create_user = true
config.ldap_update_password = false
config.mailer_sender = "****"
require 'devise/orm/active_record'
config.authentication_keys = [ :username ]
config.case_insensitive_keys = [ :email ]
config.strip_whitespace_keys = [ :email ]
config.skip_session_storage = [:http_auth]
config.stretches = Rails.env.test? ? 1 : 10
config.reconfirmable = true
config.password_length = 8..128
config.sign_out_via = :delete
end
ldap.yml
authorizations: &AUTHORIZATIONS
group_base: ou=groups,dc=test,dc=com
required_groups:
- cn=admins,ou=groups,dc=test,dc=com
- cn=users,ou=groups,dc=test,dc=com
- ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
require_attribute:
objectClass: inetOrgPerson
authorizationRole: postsAdmin
development:
host: ****
port: 636
attribute: uid
base: ou=People,dc=***,dc=com
admin_user: cn=admin,dc=test,dc=com
admin_password: admin_password
ssl: true
test:
host: localhost
port: 3389
attribute: cn
base: ou=people,dc=test,dc=com
admin_user: cn=admin,dc=test,dc=com
admin_password: admin_password
ssl: simple_tls
production:
host: localhost
port: 636
attribute: cn
base: ou=people,dc=test,dc=com
admin_user: cn=admin,dc=test,dc=com
admin_password: admin_password
ssl: start_tls
user.rb
class User < ActiveRecord::Base
devise :ldap_authenticatable, :rememberable, :trackable
attr_accessible :name, :cell, :email, :pref, :type, :username, :password, :password_confirmation, :remember_me
end
My problem happened because I had 2 tables that inherited from User (Client, and Runner) and they both tried to authenticate with the same ldap. When I took out the single table inheritance everything worked fine.
Im trying to set up a Devise Authenticable LDAP login system. Right now, I can get it to work using all users. However, i would like to only use users within a certain group. To illustrate, as of now, using all users, the code looks like this:
production:
host: my.host.domain.com
port: 389
attribute: AccountName
base: cn=users,dc=my,dc=con,dc=to,dc=host
admin_user: adminuser
admin_password: password
ssl: false
So the following is the code i wrote to make it only work within the group "demo2" located within users. However, now it doesnt work with ANY user... Any suggestions?
production:
host: my.host.domain.com
port: 389
attribute: AccountName
base: cn=demo2,cn=users,dc=my,dc=con,dc=to,dc=host
admin_user: adminuser
admin_password: password
ssl: false
I believe you want to use required_groups in your ldap.yml. If you look at the template file you can see the example:
group_base: ou=groups,dc=test,dc=com
## Requires config.ldap_check_group_membership in devise.rb be true
# Can have multiple values, must match all to be authorized required_groups:
# If only a group name is given, membership will be checked against "uniqueMember"
- cn=admins,ou=groups,dc=test,dc=com
I have a rails 2.3.8 app running on heroku, but am having trouble configuring mongoid 1.9.2 with MongoHQ. Has anyone made this work?
Thanks!
To connect to the database you must use the MONGODB_URL variable.
# set these environment variables on your prod server
production:
<<: *defaults
uri: <%= ENV['MONGOHQ_URL'] %>
Also, make sure the host property is not set in the defaults node.strong text
defaults: &defaults
# slaves:
# - host: slave1.local
# port: 27018
# - host: slave2.local
# port: 27019