Login raises exception on IIS

[anonymous]

When trying to login to Trac (latest version from trunk) you get:

Oops...
Trac detected an internal error:

'NoneType' object has no attribute 'strip'

Python traceback

Traceback (most recent call last):
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\cgi_frontend.py", line 103, in run
    dispatch_request(os.getenv('PATH_INFO').replace(os.getenv('SCRIPT_NAME'),""), req, env)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 311, in dispatch_request
    dispatcher.dispatch(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 190, in dispatch
    resp = chosen_handler.process_request(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\Browser.py", line 284, in process_request
    normpath = repos.normalize_path(path)
  File "C:\Program Files\Python23\Lib\site-packages\trac\versioncontrol\cache.py", line 110, in normalize_path
    return self.repos.normalize_path(path)
  File "C:\Program Files\Python23\Lib\site-packages\trac\versioncontrol\svn_fs.py", line 177, in normalize_path
    return path == '/' and path or path.strip('/')
AttributeError: 'NoneType' object has no attribute 'strip'

What's wrong? I set up Trac on IIS5 according to the HOWTOs…

[anonymous]

When using [1667] you get:

Python traceback

Traceback (most recent call last):
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\cgi_frontend.py", line 103, in run
    dispatch_request(os.getenv('PATH_INFO').replace(os.getenv('SCRIPT_NAME'),""), req, env)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 307, in dispatch_request
    dispatcher.dispatch(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 190, in dispatch
    resp = chosen_handler.process_request(req)
  File "C:\Program Files\Python23\Lib\site-packages\trac\Browser.py", line 272, in process_request
    req.hdf['title'] = path + ' (log)'
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'

Why is path of "NoneType"?

[anonymous]

Further investigations…

You won't see the exception when turning off logging (since the exception gets raised inside LogModule.process_request).
But what's weird is that you get presented the /log page instead of the "/login page/dialog".

[anonymous]

Okay, after Matthew's changeset [1710] the LogModule only matches /login requests.
When using [1710] Trac began to Ooops again:

Error

No handler matched request to /login 

Since I grant anonymous access to Trac this line inside RequestDispatcher.dispatch_request

elif req.remote_user:

fails and leads to the exception. If I restrict access to authenticated users everything works. :-(

[Matthew Good]

The error in previous message isn't an exception. This is actually expected if you don't have authentication turned on, since Trac doesn't actually provide a login page. You need to turn on authentication in IIS, but only to get to the "/login" path, not the entire site.

[anonymous]

Okay, sounds reasonable. I doubt this is possible with IIS, though.

[anonymous]

The one and only way to protect the "/login" path while disabling authentication for the rest of the site is to write an ISAPI filter. So, I'm wondering if it would be a good idea to write a custom trac isapi filter for the big amount of trac's IIS users. ;-) Is it worth the trouble or should I wait until trac gets its own user authentication?

[anonymous]

I'm having the same problem, with a Fedora Core 3 Linux server.

unsupported operand type(s) for +: 'NoneType' and 'str' Traceback (most recent call last):

File "/usr/lib/python2.3/site-packages/trac/core.py", line 531, in cgi_start

real_cgi_start()

File "/usr/lib/python2.3/site-packages/trac/core.py", line 526, in real_cgi_start

dispatch_request(path_info, args, req, env)

File "/usr/lib/python2.3/site-packages/trac/core.py", line 441, in dispatch_request

module.run()

File "/usr/lib/python2.3/site-packages/trac/Module.py", line 36, in run

core.populate_hdf(self.req.hdf, self.env, self.db, self.req)

File "/usr/lib/python2.3/site-packages/trac/core.py", line 220, in populate_hdf

hdf.setValue('trac.href.wiki', env.href.wiki())

File "/usr/lib/python2.3/site-packages/trac/Href.py", line 148, in wiki

return href_join(self.base, 'wiki')

File "/usr/lib/python2.3/site-packages/trac/util.py", line 123, in href_join

u1 = rstrip(u1, '/') + '/' + lstrip(u2, '/')

TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'

[markus]

Does someone see a chance to trap the case when path_info == '/login' and req.remote_user is not set in order to send a 401 header? (see ​my comment on the mailing list) My plan is to send a 401 header in response to the login request to let IIS show up a login box and validate the user by means of the NTLM.

Obviously this should be done in an extern component especially for IIS users since this would be a security hole for Apache users, I guess. Unfortunately I can't make it on my own! :-(

[Matthew Good]

Well, it seems like the real issue here was fixed by [1710].

Markus regarding handling IIS login see #1855 on extending Trac's authentication process.

[markus]

Matt, I'm okay with closing this ticket since it solves my initial problem.

As for the IIS login problems, I already tried to adapt auth.py to work with IIS. But all I know by now is that this won't work with the current design of the login mechanism since I have to trap all /login requests, send a 401 header and wait for the remote_user to be set by the browser. This means that there have to be two /login requests processed by the auth plugin. But it seems to me like Trac somehow falls back to the request dispatcher in this case…

[markus]

Okay, I made basic authentication to work.

I noticed that IIS 5 and below ignores cookies when sent together with a redirect header, so I consider to send a welcome page right after login. In this case there's no need to redirect the user back to referer.

Maybe I'll also add digest authentication soon, so that the password does not get sent in clear text.

I'd be glad if someone of the experts could review my code and test it on Apache as well. Thanks.

[anonymous]

hgjfhgjfhgj

[anonymous]

hgjdhgbb

[Matthew Good]

This is not a test site. Do not abuse it.