Bug 40581

Summary: Self service fails if authentication as self-service user fails
Product: UCS Reporter: Florian Best <best>
Component: Self ServiceAssignee: Florian Best <best>
Status: CLOSED FIXED QA Contact: Daniel Tröder <troeder>
Severity: normal    
Priority: P5 CC: walkenhorst
Version: UCS 4.1   
Target Milestone: UCS 4.1-0-errata   
Hardware: Other   
OS: Linux   
See Also: https://forge.univention.org/bugzilla/show_bug.cgi?id=40582
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional): Error handling
Max CVSS v3 score:

Description Florian Best univentionstaff 2016-02-04 13:00:16 CET 
[04/Feb/2016:12:36:18] HTTP Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cprequest.py", line 664, in respond
    inst.set_response()
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 376, in set_response
    message=self._message), 'utf-8')
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 382, in get_error_page
    return get_error_page(*args, **kwargs)
  File "/usr/lib/python2.7/dist-packages/cherrypy/_cperror.py", line 462, in get_error_page
    try:
  File "/usr/lib/python2.7/cgi.py", line 1035, in escape
    s = s.replace("&", "&amp;") # Must be done first!
AttributeError: 'dict' object has no attribute 'replace'
Comment 1 Florian Best univentionstaff 2016-02-04 13:03:16 CET 
univention-self-service (1.0.3-16):
r67169 | Bug #40581: fix error handling
Comment 2 Florian Best univentionstaff 2016-02-04 16:53:32 CET 
This was e.g. caused by Bug #40582.
Comment 3 Daniel Tröder univentionstaff 2016-02-08 11:26:05 CET 
OK: Code change
OK: advisory
OK: manual test:

root@ms48:~# dpkg -l univention-self-service
ii  univention-self-service     1.0.3-14.60.201601

root@ms48:~# mv /etc/self-service-ldap.secret /etc/self-service-ldap.secret.bak
root@ms48:~# touch /etc/self-service-ldap.secret

Try https://10.200.3.48/univention-self-service/?lang=en-US#passwordreset

→ error from comment 0

root@ms48:~# aptitude -V install univention-self-service univention-self-service-passwordreset-umc
The following packages will be upgraded: 
  univention-self-service [1.0.3-14.60.201601151445 -> 1.0.3-20.66.201602051338]  
  univention-self-service-passwordreset-umc [1.0.3-14.60.201601151445 -> 1.0.3-20.66.201602051338]  

root@ms48:~# tail -f /var/log/univention/self-service-error.log

Try https://10.200.3.48/univention-self-service/?lang=en-US#passwordreset

[08/Feb/2016:05:23:42]  Authentication on UMC at ms48.uni.dtr failed: {u'status': 401, u'message': u'The authentication has failed, please login again.'}
[08/Feb/2016:05:23:42]  Password Reset: Authentication failed: {u'status': 401, u'message': u'The authentication has failed, please login again.'}

→ no uncaught exception, save error message displayed to user
Comment 4 Janek Walkenhorst univentionstaff 2016-02-11 13:59:56 CET 
<http://errata.software-univention.de/ucs/4.1/110.html>