Skip to content
Snippets Groups Projects
New issue look: Off

HTTP 500 Error on first time login of LDAP users with incompatible characters

    • Closed Issue created by username-removed-58243 @thalionath

    I have a user with lastname 'Lüthi' which is not able to log in via LDAP for the first time (account creation fails). A 500 Encoding Error is returned at URL /user/auth/ldap/callback.

    Users without vowels in their LDAP record can login an create a new account. The error is reproducable by navigating to /users/sign_in and entering the credentials of an exsting LDAP, but non-existing GitLab user with non-ASCII characters in the LDAP record.

    I have an GitLab CE 7.3.1 1660aa23 instance running from source on an Ubuntu 14.04.1 LTS (GNU/Linux 3.13.0-36-generic x86_64). Ruby 2.1.2p95. Rails 4.1.1.

    production.log

    Started GET "/users/sign_in" for 127.0.0.1 at 2014-09-30 16:44:52 +0200
Processing by SessionsController#new as HTML
Completed 200 OK in 16ms (Views: 11.2ms | ActiveRecord: 0.0ms)
Started POST "/users/auth/ldap/callback" for 127.0.0.1 at 2014-09-30 16:45:06 +0200
Processing by OmniauthCallbacksController#ldap as HTML
Parameters: {"utf8"=>"✓", "authenticity_token"=>"ugpzh2YwMcZP4UXY6N9gJTwShwMtpJtErxhp7zFjz9w=", "username"=>"luethim", "password"=>"[FILTERED]"}
Encoding::CompatibilityError (incompatible character encodings: ASCII-8BIT and UTF-8):
lib/gitlab/oauth/user.rb:50:in `save_and_trigger_callbacks'
lib/gitlab/oauth/user.rb:19:in `create'
lib/gitlab/ldap/user.rb:15:in `find_or_create'
app/controllers/omniauth_callbacks_controller.rb:21:in `ldap'
Completed 500 Internal Server Error in 129ms (Views: 3.2ms | ActiveRecord: 3.3ms)

    LDAP Query of the affected user:

    # extended LDIF
#
# LDAPv3
# base <OU=[FILTERED],OU=[FILTERED],DC=[FILTERED],DC=[FILTERED],DC=[FILTERED]> with scope subtree
# filter: sAMAccountName=luethim
# requesting: mail
#

# L\C3\BCthi Matthias (luethim), [FILTERED], [FILTERED], [FILTERED]
dn:: [FILTERED]
mail: luethi@[FILTERED]

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

    sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true

    Checking Environment ...

Git configured for git user? ... yes

Checking Environment ... Finished

Checking GitLab Shell ...

GitLab Shell version >= 2.0.0 ? ... OK (2.0.0)
Repo base directory exists? ... yes
Repo base directory is a symlink? ... no
Repo base owned by git:git? ... yes
Repo base access is drwxrws---? ... yes
Satellites access is drwxr-x---? ... yes
hooks directories in repos are links: ... 
10/4 ... ok
10/5 ... ok
6/6 ... ok
8/7 ... ok
6/9 ... ok
8/12 ... ok
10/14 ... ok
10/16 ... ok
20/19 ... ok
10/23 ... ok
3/24 ... ok
3/25 ... repository is empty
8/26 ... ok
8/27 ... ok
22/29 ... ok
8/30 ... ok
10/31 ... ok
22/32 ... ok
6/33 ... ok
8/34 ... ok
8/35 ... ok
3/36 ... ok
8/37 ... ok
10/40 ... ok
8/43 ... ok
10/44 ... ok
33/48 ... ok
36/49 ... ok
2/50 ... ok
8/51 ... ok
40/54 ... ok
8/55 ... ok
40/56 ... ok
10/57 ... ok
10/58 ... ok
10/59 ... ok
4/60 ... ok
36/61 ... ok
20/62 ... ok
10/63 ... ok
32/64 ... ok
10/67 ... ok
42/68 ... ok
42/69 ... ok
42/70 ... ok
39/72 ... ok
10/74 ... ok
43/77 ... ok
43/78 ... ok
32/79 ... ok
43/80 ... ok
46/81 ... ok
20/82 ... ok
48/83 ... ok
8/84 ... ok
30/85 ... ok
2/86 ... ok
Running /home/git/gitlab-shell/bin/check
Check GitLab API access: OK
Check directories and files: 
	/home/git/repositories: OK
	/home/git/.ssh/authorized_keys: OK
Test redis-cli executable: redis-cli 2.8.4
Send ping to redis server: PONG
gitlab-shell self-check successful

Checking GitLab Shell ... Finished

Checking Sidekiq ...

Running? ... yes
Number of Sidekiq processes ... 1

Checking Sidekiq ... Finished

Checking LDAP ...

LDAP users with access to your GitLab server (only showing the first 100 results)
(REMOVED)

Checking LDAP ... Finished

Checking GitLab ...

Database config exists? ... yes
Database is SQLite ... no
All migrations up? ... yes
Database contains orphaned UsersGroups? ... no
GitLab config exists? ... yes
GitLab config outdated? ... no
Log directory writable? ... yes
Tmp directory writable? ... yes
Init script exists? ... yes
Init script up-to-date? ... yes
projects have namespace: ... 
10/4 ... yes
10/5 ... yes
6/6 ... yes
8/7 ... yes
6/9 ... yes
8/12 ... yes
10/14 ... yes
10/16 ... yes
20/19 ... yes
10/23 ... yes
3/24 ... yes
3/25 ... yes
8/26 ... yes
8/27 ... yes
22/29 ... yes
8/30 ... yes
10/31 ... yes
22/32 ... yes
6/33 ... yes
8/34 ... yes
8/35 ... yes
3/36 ... yes
8/37 ... yes
10/40 ... yes
8/43 ... yes
10/44 ... yes
33/48 ... yes
36/49 ... yes
2/50 ... yes
8/51 ... yes
40/54 ... yes
8/55 ... yes
40/56 ... yes
10/57 ... yes
10/58 ... yes
10/59 ... yes
4/60 ... yes
36/61 ... yes
20/62 ... yes
10/63 ... yes
32/64 ... yes
10/67 ... yes
42/68 ... yes
42/69 ... yes
42/70 ... yes
39/72 ... yes
10/74 ... yes
43/77 ... yes
43/78 ... yes
32/79 ... yes
43/80 ... yes
46/81 ... yes
20/82 ... yes
48/83 ... yes
8/84 ... yes
30/85 ... yes
2/86 ... yes
Projects have satellites? ... 
10/4 ... yes
10/5 ... yes
6/6 ... yes
8/7 ... yes
6/9 ... yes
8/12 ... yes
10/14 ... yes
10/16 ... yes
20/19 ... yes
10/23 ... yes
3/24 ... yes
3/25 ... yes
8/26 ... yes
8/27 ... yes
22/29 ... yes
8/30 ... yes
10/31 ... yes
22/32 ... yes
6/33 ... yes
8/34 ... yes
8/35 ... yes
3/36 ... yes
8/37 ... yes
10/40 ... yes
8/43 ... yes
10/44 ... yes
33/48 ... yes
36/49 ... yes
2/50 ... yes
8/51 ... yes
40/54 ... yes
8/55 ... yes
40/56 ... yes
10/57 ... yes
10/58 ... yes
10/59 ... yes
4/60 ... yes
36/61 ... yes
20/62 ... yes
10/63 ... yes
32/64 ... yes
10/67 ... yes
42/68 ... yes
42/69 ... yes
42/70 ... yes
39/72 ... yes
10/74 ... yes
43/77 ... yes
43/78 ... yes
32/79 ... yes
43/80 ... yes
46/81 ... yes
20/82 ... yes
48/83 ... yes
8/84 ... yes
30/85 ... yes
2/86 ... yes
Redis version >= 2.0.0? ... yes
Ruby version >= 2.0.0 ? ... yes (2.1.2)
Your git bin path is "/usr/bin/git"
Git version >= 1.7.10 ? ... yes (2.1.1)

Checking GitLab ... Finished

    Designs

    Child items 0

    • No child items are currently open.

    Activity

    Please register or sign in to reply