#1522 closed defect (fixed)
Login raises exception on IIS
Reported by: | anonymous | Owned by: | Jonas Borgström |
---|---|---|---|
Priority: | normal | Milestone: | 0.9 |
Component: | general | Version: | devel |
Severity: | normal | Keywords: | |
Cc: | Branch: | ||
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
When trying to login to Trac (latest version from trunk) you get:
Oops... Trac detected an internal error: 'NoneType' object has no attribute 'strip' Python traceback Traceback (most recent call last): File "C:\Program Files\Python23\Lib\site-packages\trac\web\cgi_frontend.py", line 103, in run dispatch_request(os.getenv('PATH_INFO').replace(os.getenv('SCRIPT_NAME'),""), req, env) File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 311, in dispatch_request dispatcher.dispatch(req) File "C:\Program Files\Python23\Lib\site-packages\trac\web\main.py", line 190, in dispatch resp = chosen_handler.process_request(req) File "C:\Program Files\Python23\Lib\site-packages\trac\Browser.py", line 284, in process_request normpath = repos.normalize_path(path) File "C:\Program Files\Python23\Lib\site-packages\trac\versioncontrol\cache.py", line 110, in normalize_path return self.repos.normalize_path(path) File "C:\Program Files\Python23\Lib\site-packages\trac\versioncontrol\svn_fs.py", line 177, in normalize_path return path == '/' and path or path.strip('/') AttributeError: 'NoneType' object has no attribute 'strip'
What's wrong? I set up Trac on IIS5 according to the HOWTOs…
Attachments (1)
Change History (15)
comment:1 by , 20 years ago
Milestone: | → 0.9 |
---|
comment:2 by , 20 years ago
Further investigations…
You won't see the exception when turning off logging (since the exception gets raised inside LogModule.process_request).
But what's weird is that you get presented the /log page instead of the "/login page/dialog".
comment:3 by , 20 years ago
Okay, after Matthew's changeset [1710] the LogModule only matches /login requests.
When using [1710] Trac began to Ooops again:
Error No handler matched request to /login
Since I grant anonymous access to Trac this line inside RequestDispatcher.dispatch_request
elif req.remote_user:
fails and leads to the exception. If I restrict access to authenticated users everything works. :-(
comment:4 by , 20 years ago
The error in previous message isn't an exception. This is actually expected if you don't have authentication turned on, since Trac doesn't actually provide a login page. You need to turn on authentication in IIS, but only to get to the "/login" path, not the entire site.
comment:6 by , 20 years ago
The one and only way to protect the "/login" path while disabling authentication for the rest of the site is to write an ISAPI filter. So, I'm wondering if it would be a good idea to write a custom trac isapi filter for the big amount of trac's IIS users. ;-) Is it worth the trouble or should I wait until trac gets its own user authentication?
comment:7 by , 20 years ago
I'm having the same problem, with a Fedora Core 3 Linux server.
unsupported operand type(s) for +: 'NoneType' and 'str' Traceback (most recent call last):
File "/usr/lib/python2.3/site-packages/trac/core.py", line 531, in cgi_start
real_cgi_start()
File "/usr/lib/python2.3/site-packages/trac/core.py", line 526, in real_cgi_start
dispatch_request(path_info, args, req, env)
File "/usr/lib/python2.3/site-packages/trac/core.py", line 441, in dispatch_request
module.run()
File "/usr/lib/python2.3/site-packages/trac/Module.py", line 36, in run
core.populate_hdf(self.req.hdf, self.env, self.db, self.req)
File "/usr/lib/python2.3/site-packages/trac/core.py", line 220, in populate_hdf
hdf.setValue('trac.href.wiki', env.href.wiki())
File "/usr/lib/python2.3/site-packages/trac/Href.py", line 148, in wiki
return href_join(self.base, 'wiki')
File "/usr/lib/python2.3/site-packages/trac/util.py", line 123, in href_join
u1 = rstrip(u1, '/') + '/' + lstrip(u2, '/')
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
comment:8 by , 19 years ago
Does someone see a chance to trap the case when path_info == '/login' and req.remote_user is not set in order to send a 401 header? (see my comment on the mailing list) My plan is to send a 401 header in response to the login request to let IIS show up a login box and validate the user by means of the NTLM.
Obviously this should be done in an extern component especially for IIS users since this would be a security hole for Apache users, I guess. Unfortunately I can't make it on my own! :-(
comment:9 by , 19 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
comment:10 by , 19 years ago
Matt, I'm okay with closing this ticket since it solves my initial problem.
As for the IIS login problems, I already tried to adapt auth.py to work with IIS. But all I know by now is that this won't work with the current design of the login mechanism since I have to trap all /login requests, send a 401 header and wait for the remote_user
to be set by the browser. This means that there have to be two /login requests processed by the auth plugin. But it seems to me like Trac somehow falls back to the request dispatcher in this case…
comment:11 by , 19 years ago
Okay, I made basic authentication to work.
I noticed that IIS 5 and below ignores cookies when sent together with a redirect header, so I consider to send a welcome page right after login. In this case there's no need to redirect the user back to referer.
Maybe I'll also add digest authentication soon, so that the password does not get sent in clear text.
I'd be glad if someone of the experts could review my code and test it on Apache as well. Thanks.
by , 19 years ago
comment:12 by , 19 years ago
Component: | general → roadmap |
---|---|
Resolution: | fixed |
Status: | closed → reopened |
Type: | defect → task |
hgjfhgjfhgj
comment:14 by , 19 years ago
Component: | roadmap → general |
---|---|
Resolution: | → fixed |
Status: | reopened → closed |
Type: | task → defect |
This is not a test site. Do not abuse it.
When using [1667] you get:
Why is path of "NoneType"?