Edgewall Software
Modify

Opened 15 years ago

Closed 14 years ago

Last modified 13 years ago

#1522 closed defect (fixed)

Login raises exception on IIS

Reported by: anonymous Owned by: Jonas Borgström
Priority: normal Milestone: 0.9
Component: general Version: devel
Severity: normal Keywords:
Cc: Branch:
Release Notes:
API Changes:

Description

When trying to login to Trac (latest version from trunk) you get:

Oops...
Trac detected an internal error:

'NoneType' object has no attribute 'strip'

Python traceback

Traceback (most recent call last):
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\cgi_frontend.py", line 103, in run
    dispatch_request(os.getenv('PATH_INFO').replace(os.getenv('SCRIPT_NAME'),""), req, env)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 311, in dispatch_request
    dispatcher.dispatch(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 190, in dispatch
    resp = chosen_handler.process_request(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\Browser.py", line 284, in process_request
    normpath = repos.normalize_path(path)
  File "C:\Program Files\Python23\Lib\site-packages\trac\versioncontrol\cache.py", line 110, in normalize_path
    return self.repos.normalize_path(path)
  File "C:\Program Files\Python23\Lib\site-packages\trac\versioncontrol\svn_fs.py", line 177, in normalize_path
    return path == '/' and path or path.strip('/')
AttributeError: 'NoneType' object has no attribute 'strip'

What's wrong? I set up Trac on IIS5 according to the HOWTOs…

Attachments (1)

auth.py (8.0 KB ) - added by markus 14 years ago.

Download all attachments as: .zip

Change History (15)

comment:1 by anonymous, 15 years ago

Milestone: 0.9

When using [1667] you get:

Python traceback

Traceback (most recent call last):
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\cgi_frontend.py", line 103, in run
    dispatch_request(os.getenv('PATH_INFO').replace(os.getenv('SCRIPT_NAME'),""), req, env)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 307, in dispatch_request
    dispatcher.dispatch(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 190, in dispatch
    resp = chosen_handler.process_request(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\Browser.py", line 272, in process_request
    req.hdf['title'] = path + ' (log)'
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'

Why is path of "NoneType"?

comment:2 by anonymous, 15 years ago

Further investigations…

You won't see the exception when turning off logging (since the exception gets raised inside LogModule.process_request).
But what's weird is that you get presented the /log page instead of the "/login page/dialog".

comment:3 by anonymous, 15 years ago

Okay, after Matthew's changeset [1710] the LogModule only matches /login requests.
When using [1710] Trac began to Ooops again:

Error

No handler matched request to /login 

Since I grant anonymous access to Trac this line inside RequestDispatcher.dispatch_request

elif req.remote_user:

fails and leads to the exception. If I restrict access to authenticated users everything works. :-(

comment:4 by Matthew Good, 15 years ago

The error in previous message isn't an exception. This is actually expected if you don't have authentication turned on, since Trac doesn't actually provide a login page. You need to turn on authentication in IIS, but only to get to the "/login" path, not the entire site.

comment:5 by anonymous, 15 years ago

Okay, sounds reasonable. I doubt this is possible with IIS, though.

comment:6 by anonymous, 15 years ago

The one and only way to protect the "/login" path while disabling authentication for the rest of the site is to write an ISAPI filter. So, I'm wondering if it would be a good idea to write a custom trac isapi filter for the big amount of trac's IIS users. ;-) Is it worth the trouble or should I wait until trac gets its own user authentication?

comment:7 by anonymous, 14 years ago

I'm having the same problem, with a Fedora Core 3 Linux server.

unsupported operand type(s) for +: 'NoneType' and 'str' Traceback (most recent call last):

File "/usr/lib/python2.3/site-packages/trac/core.py", line 531, in cgi_start

real_cgi_start()

File "/usr/lib/python2.3/site-packages/trac/core.py", line 526, in real_cgi_start

dispatch_request(path_info, args, req, env)

File "/usr/lib/python2.3/site-packages/trac/core.py", line 441, in dispatch_request

module.run()

File "/usr/lib/python2.3/site-packages/trac/Module.py", line 36, in run

core.populate_hdf(self.req.hdf, self.env, self.db, self.req)

File "/usr/lib/python2.3/site-packages/trac/core.py", line 220, in populate_hdf

hdf.setValue('trac.href.wiki', env.href.wiki())

File "/usr/lib/python2.3/site-packages/trac/Href.py", line 148, in wiki

return href_join(self.base, 'wiki')

File "/usr/lib/python2.3/site-packages/trac/util.py", line 123, in href_join

u1 = rstrip(u1, '/') + '/' + lstrip(u2, '/')

TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'

comment:8 by markus, 14 years ago

Does someone see a chance to trap the case when path_info == '/login' and req.remote_user is not set in order to send a 401 header? (see my comment on the mailing list) My plan is to send a 401 header in response to the login request to let IIS show up a login box and validate the user by means of the NTLM.

Obviously this should be done in an extern component especially for IIS users since this would be a security hole for Apache users, I guess. Unfortunately I can't make it on my own! :-(

comment:9 by Matthew Good, 14 years ago

Resolution: fixed
Status: newclosed

Well, it seems like the real issue here was fixed by [1710].

Markus regarding handling IIS login see #1855 on extending Trac's authentication process.

comment:10 by markus, 14 years ago

Matt, I'm okay with closing this ticket since it solves my initial problem.

As for the IIS login problems, I already tried to adapt auth.py to work with IIS. But all I know by now is that this won't work with the current design of the login mechanism since I have to trap all /login requests, send a 401 header and wait for the remote_user to be set by the browser. This means that there have to be two /login requests processed by the auth plugin. But it seems to me like Trac somehow falls back to the request dispatcher in this case…

comment:11 by markus, 14 years ago

Okay, I made basic authentication to work.

I noticed that IIS 5 and below ignores cookies when sent together with a redirect header, so I consider to send a welcome page right after login. In this case there's no need to redirect the user back to referer.

Maybe I'll also add digest authentication soon, so that the password does not get sent in clear text.

I'd be glad if someone of the experts could review my code and test it on Apache as well. Thanks.

by markus, 14 years ago

Attachment: auth.py added

comment:12 by anonymous, 14 years ago

Component: generalroadmap
Resolution: fixed
Status: closedreopened
Type: defecttask

hgjfhgjfhgj

comment:13 by anonymous, 14 years ago

hgjdhgbb

comment:14 by Matthew Good, 14 years ago

Component: roadmapgeneral
Resolution: fixed
Status: reopenedclosed
Type: taskdefect

This is not a test site. Do not abuse it.

Modify Ticket

Change Properties
Set your email in Preferences
Action
as closed The owner will remain Jonas Borgström.
The resolution will be deleted. Next status will be 'reopened'.
to as closed The owner will be changed from Jonas Borgström to the specified user.

Add Comment


E-mail address and name can be saved in the Preferences .
 
Note: See TracTickets for help on using tickets.