Unable to login to app after update to 6.0

mehdi

Hello everyone !

After updating to 6.0, I have an app where I cannot login anymore : my LDAP credentials are rejected.

It's a custom app, but I'm pretty sure the LDAP code is correct, as it's the same as in my other custom apps, and another instance of the app I just installed can login just fine.

What happened is that it's an old app that I didn't use for a while, it was stopped during the update. Now, a few weeks later, I wanted to test something in it, I started it up again, and it does not work anymore.

I think I remember seeing a post on the forum a few weeks a go of someone who had the same issue, and solved it by removing the app and restoring from a backup, but I can't find the post.

In my case, I don't really care because it was just a test app, very far from mission-critical, and had basically no data in it. I don't really want to fix it, but I wanted to report the bug, if the devs want to do some debugging to find out the root cause.

It's really bizarre because, from the terminal, testing the credentials with ldapsearch as explained in the docs seems to work, but the same credentials with known-good nodeJS ldap code fail...

robi

@mehdi there has been some LDAP changes and App updates.

Since this is a custom App, the usual solutions may not apply. ;-/

Not sure it will be a priority for them.

mehdi

@robi I know, as I said in my original message I don't really care about the problem for this app. But as a developper myself, i know how this kind of problem can sometimes be the tip of the iceberg of a more profound issue, and when it's hard to reproduce it's really a pain in the a** to debug ^^ So this is more of a report so they can investigate if they want, and I can give them access to an instance that has the issue in question and run tests & stuff

robi

@mehdi I hear you

jimcavoli

Could you lay in any more detail about the LDAP libraries you're trying to use in that code? My custom LDAP stuff in Ruby via OmniAuth-LDAP has been fine, at least, but particularities of certain libraries/versions could be the issue, I suppose. I've seen things down to capitalization become issues for LDAP-handling code depending on how much work whatever's in the middle is/isn't doing.

mehdi

@jimcavoli I can do you one better https://git.cloudron.io/mehdi/orthanc/-/blob/master/server/ldap.js

I am 100% sure this code works. It worked in this app before the update, it works right now in another instance of the app I just installed, it worked before and still works in other custom apps.

mehdi

One detail I did not give is that it was the only app that was stopped during the update. For the other apps, which were running during the update, the LDAP did not break. Maybe it was a coincidence, maybe not

robi

@mehdi you did.. but that shouldn't matter as the update doesn't touch Apps afaik, but box code.

the question remains if your other custom apps use the same LDAP code as this one or not.

msbt

@robi said in Unable to login to app after update to 6.0:

but that shouldn't matter as the update doesn't touch Apps afaik, but box code.

true, updating cloudron doesn't touch the apps, but they're all getting reconfigured after the update, maybe that's what's missing with the stopped app. @mehdi did you try reconfiguring it?

girish

In Cloudron 6, we had reworked the IP address allocation and one possibly might have been that some networking issue. But this is rule out since ldapsearch works.

What you can do quickly to debug is edit this file, https://git.cloudron.io/cloudron/box/-/blob/master/src/ldap.js#L455 and console.log (don't use debug() because they are disabled for that file) the username and password and systemctl restart box. Is it correct?

mehdi

@girish Yes, it does appear to pass the correct credentials, and the function in question seems to give no error. I'll try to debug further on the app side, but for now I think we can just file this as an unexplained weird thing