LDAP auth does not work for "git push" command (clients get error 500) while LDAP auth works on web-based-gui (GitLab 7.4.0 ba76dbc3)
We have an instance of GitLab, ver. 7.4.0 ba76dbc3.
Our config file (/etc/gitlab/gitlab.rb) contains:
gitlab_rails['ldap_enabled'] = true
#...
host: 'our.host.net'
port: 389
uid: 'uid_field'
method: 'plain' # "tls" or "ssl" or "plain"
bind_dn: 'cn=bindn'
password: 'pass'
allow_username_or_email_login: true
base: 'ou=people,dc=company,dc=org'
user_filter: '' #empty stringLDAP auth works fine on www.our.host.net, user gets created, projects can be Created, Read, Updated or Deleted.
SSH auth via public key works too. Access to public projects works ok.
Whenever a client uses commands from their machine bash console, an error 500 occurs:
computer:~/git/http-test$ git push -u origin master
Username for 'http://our.host.net': adam
Password for 'http://adam@our.host.net':
error: The requested URL returned error: 500 while accessing http://our.host.net/adam.smith/http-test.git/info/refs
fatal: HTTP request failed
The content of /var/log/gitlab/gitlab-rails/production.log is:
Started GET "/adam.smith/http-test.git/info/refs?service=git-receive-pack" for 127.0.0.1 at 2015-06-15 19:29:53 +0200
Started GET "/adam.smith/http-test.git/info/refs?service=git-receive-pack" for 127.0.0.1 at 2015-06-15 19:30:00 +0200
Started GET "/adam.smith/http-test.git/info/refs?service=git-receive-pack" for 127.0.0.1 at 2015-06-15 19:30:00 +0200
ArgumentError (host,port,method,uid or filter,base MUST be provided):
lib/gitlab/ldap/authentication.rb:52:in `new'
lib/gitlab/ldap/authentication.rb:52:in `adapter'
lib/gitlab/ldap/authentication.rb:37:in `login'
lib/gitlab/ldap/authentication.rb:18:in `block in login'
lib/gitlab/ldap/authentication.rb:16:in `each'
lib/gitlab/ldap/authentication.rb:16:in `find'
lib/gitlab/ldap/authentication.rb:16:in `login'
lib/gitlab/auth.rb:12:in `find'
lib/gitlab/backend/grack_auth.rb:76:in `authenticate_user'
lib/gitlab/backend/grack_auth.rb:47:in `auth!'
lib/gitlab/backend/grack_auth.rb:26:in `call'
Started GET "/adam.smith/http-test.git/info/refs" for 127.0.0.1 at 2015-06-15 19:30:00 +0200
ArgumentError (host,port,method,uid or filter,base MUST be provided):
lib/gitlab/ldap/authentication.rb:52:in `new'
lib/gitlab/ldap/authentication.rb:52:in `adapter'
lib/gitlab/ldap/authentication.rb:37:in `login'
lib/gitlab/ldap/authentication.rb:18:in `block in login'
lib/gitlab/ldap/authentication.rb:16:in `each'
lib/gitlab/ldap/authentication.rb:16:in `find'
lib/gitlab/ldap/authentication.rb:16:in `login'
lib/gitlab/auth.rb:12:in `find'
lib/gitlab/backend/grack_auth.rb:76:in `authenticate_user'
lib/gitlab/backend/grack_auth.rb:47:in `auth!'
lib/gitlab/backend/grack_auth.rb:26:in `call'
We tried numerous solutions (repeting definitions in config file in numerous combinations, swapping apostrophes to quotes, etc). We have managed to get the content of param that is sent to "new" method in line 52 of lib/gitlab/ldap/authentication.rb - that is in a place where the config options are reported in logs to be missing some fields; but their content is legitimate:
{"label"=>"ldap_label", "host"=>"our.host.net", "port"=>389, "uid"=>"yid_field", "method"=>"plain", "bind_dn"=>"cn=bindingn", "password"=>"secret-password", "active_directory"=>false, "allow_username_or_email_login"=>true, "base"=>"ou=people,dc=company,dc=org", "user_filter"=>"", "provider_name"=>"ldapmain", "provider_class"=>"Ldapmain"}
Please, advice! Help!