Project

General

Profile

Tâche #11367

Distribution EOLE - Scénario #11245: Assistance aux utilisateurs (17-19)

La redirection d'EOP avec EoleSSO n'est pas correcte

Added by Joël Cuissinat over 6 years ago. Updated over 6 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Start date:
04/21/2015
Due date:
% Done:

0%

Estimated time:
4.00 h
Spent time:
Remaining (hours):
0.0

Description

Si on accède directement à l'adresse https://scribe.ac-test.fr/eop/documents on est redirigé vers https://scribe.ac-test.fr:8443/login?service=https%3A//scribe.ac-test.fr/eop/login%3Fnext%3Dhttps%253A%252F%252Fscribe.ac-test.fr%252Feop%252Fdocuments ce qui n'est pas correct.

Testé sur Scribe 2.3 avec les derniers paquets candidats :
  • eole-sso 2.3-eole108~2
  • eole-eop 0.1.0-eole9~2

Associated revisions

Revision 28bbae3d (diff)
Added by Bruno Boiget over 6 years ago

retour de '%' (non listé dans la RFC)

ref #11367 @20m

Revision d44627e3 (diff)
Added by Bruno Boiget over 6 years ago

retour de '%' (non listé dans la RFC)

ref #11367

History

#1 Updated by Joël Cuissinat over 6 years ago

  • Status changed from Nouveau to Résolu

#2 Updated by Joël Cuissinat over 6 years ago

  • Assigned To set to Bruno Boiget

#3 Updated by Joël Cuissinat over 6 years ago

  • Status changed from Résolu to En cours

#4 Updated by Bruno Boiget over 6 years ago

  • % Done changed from 0 to 90
  • Remaining (hours) changed from 4.0 to 0.5

paquet candidat compilé pour eole 2.3.

La modification est mergée dans eole 2.4.1 / 2.4.2 / master, non packagé pour l'instant

#5 Updated by Scrum Master over 6 years ago

  • Status changed from En cours to Résolu

#6 Updated by Daniel Dehennin over 6 years ago

  • Status changed from Résolu to En cours
  • % Done changed from 90 to 0
  • Remaining (hours) changed from 0.5 to 2.0

J’ai une erreur: Internal Server Error sur aca.scribe-2.3.15-instance-default.

root@scribe:~# apt-cache policy eole-sso
eole-sso:
  Installé : 2.3-eole108~4.gbpa5e355
  Candidat : 2.3-eole108~4.gbpa5e355
 Table de version :
 *** 2.3-eole108~4.gbpa5e355 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3-proposed/all/ Packages
        100 /var/lib/dpkg/status
     2.3-eole107 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3-updates/all/ Packages
     2.3-eole106+4 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3-security/all/ Packages
     2.3-eole90 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3/all/ Packages
root@scribe:~# apt-cache policy eole-eop
eole-eop:
  Installé : 0.1.0-eole9~2.gbpbc4111
  Candidat : 0.1.0-eole9~2.gbpbc4111
 Table de version :
 *** 0.1.0-eole9~2.gbpbc4111 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3-proposed/all/ Packages
        100 /var/lib/dpkg/status
     0.1.0-eole8 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3-updates/all/ Packages
     0.1.0-eole6 0
        500 http://eoleng.ac-dijon.fr/eoleng/ eole-2.3-security/all/ Packages
root@scribe:~# cat /var/log/eoleflask/gunicorn-access.log 
192.168.230.30 - - [29/Apr/2015:11:37:03] "GET /eop/documents HTTP/1.1" 302 379 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
192.168.230.30 - - [29/Apr/2015:11:37:03] "GET /eop/login?next=https%3A%2F%2Fscribe.ac-test.fr%2Feop%2Fdocuments HTTP/1.1" 302 509 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
192.168.230.30 - - [29/Apr/2015:11:37:41] "GET /eop/documents HTTP/1.1" 302 379 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
192.168.230.30 - - [29/Apr/2015:11:37:41] "GET /eop/login?next=https%3A%2F%2Fscribe.ac-test.fr%2Feop%2Fdocuments HTTP/1.1" 302 509 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
192.168.230.30 - - [29/Apr/2015:11:37:59] "GET /eop/documents HTTP/1.1" 302 379 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
192.168.230.30 - - [29/Apr/2015:11:37:59] "GET /eop/login?next=https%3A%2F%2Fscribe.ac-test.fr%2Feop%2Fdocuments HTTP/1.1" 302 509 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
192.168.230.30 - - [29/Apr/2015:11:38:06] "GET /eop/login?next=https%3A%2F%2Fscribe.ac-test.fr%2Feop%2Fdocuments&ticket=ST-scribe.ac-test.fr-71c574bf08cd6797efbc0879778c9ea7cb9ac6aab670f788bd1cfc4d HTTP/1.1" 500 291 "https://scribe.ac-test.fr:8443/login?service=https%3A//scribe.ac-test.fr/eop/login%3Fnext%3Dhttps%253A%252F%252Fscribe.ac-test.fr%252Feop%252Fdocuments" "Mozilla/5.0 (X11; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0 Iceweasel/37.0.2" 
root@scribe:~# cat /var/log/eoleflask/eop.log 
Exception on /login [GET]
Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1504, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1264, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1262, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/lib/pymodules/python2.6/flask/app.py", line 1248, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/usr/lib/pymodules/python2.6/eop/views.py", line 96, in login
    return user.authenticate()
  File "/usr/lib/pymodules/python2.6/eop/cas.py", line 55, in authenticate
    if self.is_authenticated():
  File "/usr/lib/pymodules/python2.6/eop/cas.py", line 75, in is_authenticated
    username = self.validate(request.args.get('ticket'))
  File "/usr/lib/pymodules/python2.6/eop/cas.py", line 92, in validate
    f_validate   = urllib.urlopen(cas_validate)
  File "/usr/lib/python2.6/urllib.py", line 86, in urlopen
    return opener.open(url)
  File "/usr/lib/python2.6/urllib.py", line 205, in open
    return getattr(self, name)(url)
  File "/usr/lib/python2.6/urllib.py", line 439, in open_https
    h.endheaders()
  File "/usr/lib/python2.6/httplib.py", line 904, in endheaders
    self._send_output()
  File "/usr/lib/python2.6/httplib.py", line 776, in _send_output
    self.send(msg)
  File "/usr/lib/python2.6/httplib.py", line 735, in send
    self.connect()
  File "/usr/lib/python2.6/httplib.py", line 1112, in connect
    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file)
  File "/usr/lib/python2.6/ssl.py", line 350, in wrap_socket
    suppress_ragged_eofs=suppress_ragged_eofs)
  File "/usr/lib/python2.6/ssl.py", line 118, in __init__
    self.do_handshake()
  File "/usr/lib/python2.6/ssl.py", line 293, in do_handshake
    self._sslobj.do_handshake()
IOError: [Errno socket error] [Errno 8] _ssl.c:480: EOF occurred in violation of protocol

#7 Updated by Daniel Dehennin over 6 years ago

  • Status changed from En cours to Fermé
  • Remaining (hours) changed from 2.0 to 0.0

Le bug est en fait un problème SSLv3/TLSv1 c.f. #11490

Also available in: Atom PDF