sources/ldap: log full exception when user password set fails (#5678)
* sources/ldap: log full exception when user password set fails Signed-off-by: Jens Langhammer <jens@goauthentik.io> * Update authentik/sources/ldap/auth.py Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com> Signed-off-by: Jens L. <jens@beryju.org> Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io> Signed-off-by: Jens L. <jens@beryju.org> Co-authored-by: Tana M Berry <tanamarieberry@yahoo.com>
This commit is contained in:
parent
6cf7a72831
commit
9c69f67778
|
@ -55,7 +55,7 @@ class LDAPBackend(InbuiltBackend):
|
|||
"""Attempt authentication by binding to the LDAP server as `user`. This
|
||||
method should be avoided as its slow to do the bind."""
|
||||
# Try to bind as new user
|
||||
LOGGER.debug("Attempting Binding as user", user=user)
|
||||
LOGGER.debug("Attempting to bind as user", user=user)
|
||||
try:
|
||||
temp_connection = source.connection(
|
||||
connection_kwargs={
|
||||
|
@ -65,8 +65,8 @@ class LDAPBackend(InbuiltBackend):
|
|||
)
|
||||
temp_connection.bind()
|
||||
return user
|
||||
except LDAPInvalidCredentialsResult as exception:
|
||||
LOGGER.debug("LDAPInvalidCredentialsResult", user=user, error=exception)
|
||||
except LDAPException as exception:
|
||||
LOGGER.warning(exception)
|
||||
except LDAPInvalidCredentialsResult as exc:
|
||||
LOGGER.debug("invalid LDAP credentials", user=user, exc=exc)
|
||||
except LDAPException as exc:
|
||||
LOGGER.warning("failed to bind to LDAP", exc=exc)
|
||||
return None
|
||||
|
|
|
@ -6,6 +6,7 @@ from django.dispatch import receiver
|
|||
from django.utils.translation import gettext_lazy as _
|
||||
from ldap3.core.exceptions import LDAPOperationResult
|
||||
from rest_framework.serializers import ValidationError
|
||||
from structlog.stdlib import get_logger
|
||||
|
||||
from authentik.core.models import User
|
||||
from authentik.core.signals import password_changed
|
||||
|
@ -20,6 +21,8 @@ from authentik.sources.ldap.sync.users import UserLDAPSynchronizer
|
|||
from authentik.sources.ldap.tasks import ldap_sync
|
||||
from authentik.stages.prompt.signals import password_validate
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
|
||||
@receiver(post_save, sender=LDAPSource)
|
||||
def sync_ldap_source_on_save(sender, instance: LDAPSource, **_):
|
||||
|
@ -67,6 +70,7 @@ def ldap_sync_password(sender, user: User, password: str, **_):
|
|||
try:
|
||||
changer.change_password(user, password)
|
||||
except LDAPOperationResult as exc:
|
||||
LOGGER.warning("failed to set LDAP password", exc=exc)
|
||||
Event.new(
|
||||
EventAction.CONFIGURATION_ERROR,
|
||||
message=(
|
||||
|
|
Reference in a new issue