LDAP: cannot update information in database due to encoding

Get help from other users here.

Moderators: Developer, Contributor

Post Reply
theseus
Posts: 1
Joined: Dec 16, 2019 3:11 am

LDAP: cannot update information in database due to encoding

Post by theseus »

Hello all,

I installed Mantis BT through a docker container which I modified to use LDAP.
I configured my install using these settings:

Code: Select all

#LDAP
$g_login_method			= LDAP;
$g_reauthentication_expiry	= 3600;
$g_ldap_server			        = '<DC_IP>:389';
$g_ldap_root_dn			= '<OUR_OU>';
$g_ldap_bind_dn			= '<DC_BIND_USER>';
$g_ldap_bind_passwd		= '<DC_BIND_PWD>';
$g_ldap_uid_field		        = 'sAMAccountName';
$g_ldap_realname_field		= 'CN';
$g_use_ldap_realname		= ON;
$g_use_ldap_email		        = ON;
$g_log_level			        = LOG_LDAP;
$g_log_destination		        = 'file:/var/www/html/config/debug.log';
I cannot log in because I receive the following error:

Code: Select all


APPLICATION ERROR #401

Database query failed. Error received from database was #-1: ERROR: invalid byte sequence for encoding "UTF8": 0xe9 0x67 0x6f for the query: UPDATE mantis_user_mantis SET password=$1 , realname=$2 , email=$3 WHERE id=$4.
Please use the "Back" button in your web browser to return to the previous page. There you can correct whatever problems were identified in this error or select another action. You can also click an option from the menu bar to go directly to a new section.
The user real name I try to connect with has non-ascii characters: "Grégory"

In the debug file, I see that the LDAP has been working correctly and I believe it's really the last part (updating the login and password in the DB that causes the issue):

Code: Select all

2019-12-16 08:52 CET LDAP ldap_api.php:327 ldap_authenticate_by_username() Binding to LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI '<DC_IP>:389'.
2019-12-16 08:52 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2019-12-16 08:52 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2019-12-16 08:52 CET LDAP ldap_api.php:335 ldap_authenticate_by_username() Searching for (&(sAMAccountName=administrator))
2019-12-16 08:52 CET LDAP ldap_api.php:367 ldap_authenticate_by_username() No matching entries found
2019-12-16 08:52 CET LDAP ldap_api.php:370 ldap_authenticate_by_username() Unbinding from LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:397 ldap_authenticate_by_username() Authentication failed
2019-12-16 08:52 CET LDAP ldap_api.php:227 ldap_get_field_from_username() Retrieving field 'mail' for 'gsa'
2019-12-16 08:52 CET LDAP ldap_api.php:230 ldap_get_field_from_username() Binding to LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI '<DC_IP>:389'.
2019-12-16 08:52 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2019-12-16 08:52 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2019-12-16 08:52 CET LDAP ldap_api.php:241 ldap_get_field_from_username() Searching for (&(sAMAccountName=gsa))
2019-12-16 08:52 CET LDAP ldap_api.php:259 ldap_get_field_from_username() Unbinding from LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:273 ldap_get_field_from_username() Found value 'gregory.<name>@<name>.com' for field 'mail'.
2019-12-16 08:52 CET LDAP ldap_api.php:227 ldap_get_field_from_username() Retrieving field 'mail' for 'gsa'
2019-12-16 08:52 CET LDAP ldap_api.php:230 ldap_get_field_from_username() Binding to LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI '<DC_IP>:389'.
2019-12-16 08:52 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2019-12-16 08:52 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2019-12-16 08:52 CET LDAP ldap_api.php:241 ldap_get_field_from_username() Searching for (&(sAMAccountName=gsa))
2019-12-16 08:52 CET LDAP ldap_api.php:259 ldap_get_field_from_username() Unbinding from LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:273 ldap_get_field_from_username() Found value 'gregory.<name>@<name>.com' for field 'mail'.
2019-12-16 08:52 CET LDAP ldap_api.php:327 ldap_authenticate_by_username() Binding to LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI '<DC_IP>:389'.
2019-12-16 08:52 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2019-12-16 08:52 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2019-12-16 08:52 CET LDAP ldap_api.php:335 ldap_authenticate_by_username() Searching for (&(sAMAccountName=gsa))
2019-12-16 08:52 CET LDAP ldap_api.php:358 ldap_authenticate_by_username() Checking CN=Grgory <name>,<rest_of_the_OU>
2019-12-16 08:52 CET LDAP ldap_api.php:370 ldap_authenticate_by_username() Unbinding from LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:227 ldap_get_field_from_username() Retrieving field 'CN' for 'gsa'
2019-12-16 08:52 CET LDAP ldap_api.php:230 ldap_get_field_from_username() Binding to LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI '<DC_IP>:389'.
2019-12-16 08:52 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2019-12-16 08:52 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2019-12-16 08:52 CET LDAP ldap_api.php:241 ldap_get_field_from_username() Searching for (&(sAMAccountName=gsa))
2019-12-16 08:52 CET LDAP ldap_api.php:259 ldap_get_field_from_username() Unbinding from LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:273 ldap_get_field_from_username() Found value 'Grgory <name>' for field 'CN'.
2019-12-16 08:52 CET LDAP ldap_api.php:227 ldap_get_field_from_username() Retrieving field 'mail' for 'gsa'
2019-12-16 08:52 CET LDAP ldap_api.php:230 ldap_get_field_from_username() Binding to LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:63 ldap_connect_bind() Attempting connection to LDAP server/URI '<DC_IP>:389'.
2019-12-16 08:52 CET LDAP ldap_api.php:66 ldap_connect_bind() Connection accepted by LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:101 ldap_connect_bind() Attempting bind to ldap server with username and password
2019-12-16 08:52 CET LDAP ldap_api.php:114 ldap_connect_bind() Bind to ldap server successful
2019-12-16 08:52 CET LDAP ldap_api.php:241 ldap_get_field_from_username() Searching for (&(sAMAccountName=gsa))
2019-12-16 08:52 CET LDAP ldap_api.php:259 ldap_get_field_from_username() Unbinding from LDAP server
2019-12-16 08:52 CET LDAP ldap_api.php:273 ldap_get_field_from_username() Found value 'gregory.<name>@<name>.com' for field 'mail'.
As you can see in the above log, the data used by PHP seems already to be dodgy as I already lost my "é" :( :

Code: Select all

[...]
2019-12-16 08:52 CET LDAP ldap_api.php:358 ldap_authenticate_by_username() Checking CN=Grgory <name>,<rest_of_the_OU>
[...]
I tried to run the query directly in my DB with the non-ascii characters and it's working fine.
I have checked the encoding in my database and it seems to be all OK:

Code: Select all

postgres=# show server_encoding ;
 server_encoding 
-----------------
 UTF8
(1 row)

postgres=# show client_encoding ;
 client_encoding 
-----------------
 UTF8
(1 row)
I have mbstring installed as part of the container, so it should be able to support UTF-8.

As mentioned in my signature, the info about the components are:

Mantis: 2.23.0
PHP: 5.6
SQL: PostgreSQL 11
Web: Apache
Deployment: Docker (xlrl/mantisbt image modified to include ldap)
OS: Ubuntu server 18.04

Any help would be greatly appreciated!
Mantis: 2.23.0
PHP: 5.6
SQL: PostgreSQL 11
Web: Apache
Deployment: Docker (xlrl/mantisbt image modified to include ldap)
OS: Ubuntu server 18.04

Post Reply