LDAP auth with Perl auth handler doesn't work with CJK
I am setting up a new Redmine server for a Chinese company. They have an Active Directory server which runs just fine.
I set up everything in Redmine and it's running smoothly.
I integrated svn using mod_dav, following this tutorial:
(with some slight modification because I'm using an x86_64 CentOS 5.9)
I set up 3 LDAP entry, which pretty much look like the following:
The log informations are working, I tested it alot.
I have only one project, only one group that is "developper" on that project, and the repository is well configured.
My users in (1) and (2) is in the group, my user in (3) is not.
The 3 of them are perfectly able to log on Redmine.
When I try to "svn ls http://redmine/svn/reponame" or go on the web interface with account (3), I get the expected result: Go to hell.
When I try to "svn ls http://redmine/svn/reponame" or go on the web interface with account (1), I can access it as expected.
Buy when I try the same with account (2), or other accounts belonging to the 2nd LDAP server, I get:
[Mon May 13 17:08:31 2013] [error] [client 192.168.3.79] access to /svn/redmine failed, reason: verification of user id 'xxxxxx' not configured
My virtual host is almost exactly the same as the one given in the above tutorial, except for a slight variation (it can probably be done cleaner, but I'm not an apache pro right
<Limit GET PROPFIND OPTIONS REPORT>
Allow from 127.0.0.1
However removing this part doesn't make things work.
I believe this to be a bug in the perl authentification / authorization module which doesn't handle the Chinese OU well.
Can any Ruby guru take a look at it, it would be very much appreciated to have a fix.
I let someone more affiliated to Redmine setting the priority (or I would go for urgent !).
Here's rake about and svn info.
[root@glpi redmine]# RAILS_ENV=production rake about
About your application's environment
Ruby version 2.0.0 (x86_64-linux)
RubyGems version 2.0.2
Rack version 1.4
Rails version 3.2.13
Active Record version 3.2.13
Action Pack version 3.2.13
Active Resource version 3.2.13
Action Mailer version 3.2.13
Active Support version 3.2.13
Middleware Rack::Cache, ActionDispatch::Static, Rack::Lock, #<ActiveSupport::Cache::Strategy::LocalCache::Middleware:0x002b9855625d40>, Rack::Runtime, Rack::MethodOverride, ActionDispatch::RequestId, Rails::Rack::Logger, ActionDispatch::ShowExceptions, ActionDispatch::DebugExceptions, ActionDispatch::RemoteIp, ActionDispatch::Callbacks, ActiveRecord::ConnectionAdapters::ConnectionManagement, ActiveRecord::QueryCache, ActionDispatch::Cookies, ActionDispatch::Session::CookieStore, ActionDispatch::Flash, ActionDispatch::ParamsParser, ActionDispatch::Head, Rack::ConditionalGet, Rack::ETag, ActionDispatch::BestStandardsSupport, OpenIdAuthentication
Application root /var/www/redmine
Database adapter mysql2
Database schema version 20130217094251
[root@glpi redmine]# svn info
Repository Root: http://svn.redmine.org/redmine
Repository UUID: e93f8b46-1217-0410-a6f0-8f06a7374b81
Updated by Mathias LANG about 10 years ago
A possible workaround,and a proof that's definitely the encoding, is to use GUID as baseDN.
I moved my bind account to a plain-ascii OU, and replaced baseDN with it's <GUID=..........> equivalent, and it is now working.