Bug 38855 - INVALID_CREDENTIALS not handled in UDM module
INVALID_CREDENTIALS not handled in UDM module
Product: UCS
Classification: Unclassified
Component: UMC - Domain management (Generic)
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-x
Assigned To: UMC maintainers
Depends on:
  Show dependency treegraph
Reported: 2015-07-08 09:15 CEST by Florian Best
Modified: 2019-01-03 07:17 CET (History)
0 users

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional): Error handling, External feedback
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2015-07-08 09:15:17 CEST
We received the following traceback, 4.0-2 errata215 (Walle).

Execution of command 'udm/superordinates dns/dns' has failed:

Traceback (most recent call last):
  File "%PY2.7%/univention/management/console/base.py", line 282, in execute
    function(self, request)
  File "%PY2.7%/univention/management/console/modules/udm/__init__.py", line 100, in _decorated
    return func(self, request, *a, **kw)
  File "%PY2.7%/univention/management/console/modules/decorators.py", line 316, in _response
    result = _multi_response(self, request)
  File "%PY2.7%/univention/management/console/modules/decorators.py", line 460, in _response
    return list(function(self, iterator, *nones))
  File "%PY2.7%/univention/management/console/modules/decorators.py", line 282, in _fake_func
    yield function(self, *args)
  File "%PY2.7%/univention/management/console/modules/udm/__init__.py", line 713, in superordinates
    return module.superordinates
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 937, in superordinates
    objects = module.search(superordinate=so)
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 163, in _decorated
    return func(*args, **kwargs)
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 146, in wrapper_func
    return _func(*args, **kwargs)
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 139, in _func
    ret = func(*args, **kwargs)
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 585, in search
    result = self.module.lookup(None, ldap_connection, filter_s, base=container, superordinate=superordinate, scope=scope, sizelimit=sizelimit)
  File "%PY2.7%/univention/admin/handlers/dns/forward_zone.py", line 345, in lookup
    for dn, attrs in lo.search(unicode(filter), base, scope, [], unique, required, timeout, sizelimit):
  File "%PY2.7%/univention/admin/uldap.py", line 358, in search
    raise univention.admin.uexceptions.ldapError(_err2str(msg), original_exception=msg)
ldapError: Invalid credentials
Comment 1 Florian Best univentionstaff 2015-08-11 10:38:33 CEST
Reported again, 4.0-2 errata284 (Walle)
udm/query users/user
Comment 2 Florian Best univentionstaff 2016-09-13 13:23:58 CEST
Maybe we can find a generic solution which is also applicable to UCS@school.
I guess this is possible by adding error handling to bind_user_connection() and raising UMC_Error with status=401 so that the login dialog is shown again and the action can be executed again with the new credentials :)
Comment 3 Stefan Gohmann univentionstaff 2019-01-03 07:17:48 CET
This issue has been filled against UCS 4.0. The maintenance with bug and security fixes for UCS 4.0 has ended on 31st of May 2016.

Customers still on UCS 4.0 are encouraged to update to UCS 4.3. Please contact
your partner or Univention for any questions.

If this issue still occurs in newer UCS versions, please use "Clone this bug" or simply reopen the issue. In this case please provide detailed information on how this issue is affecting you.