anyone using django_auth_ldap against an active directory server
I am trying to set up auth through django_auth_ldap and am having an issue.
if i run my auth from the django interactive shell the auth works fine.
example from the shell
>>> from django.contrib.auth import authenticate
>>> authenticate(username='#############',password='*************')
search_s('ou=People, o=hp.com', 2, '(uid=%(user)s)') returned 1 objects: uid=###########,ou=people,o=hp.com
Populating Django ###########
Django user ########## does not have a profile to populate
<User:########## >
but the same code from within a view in the app fails with
Caught LDAPError while authenticating ##########: SERVER_DOWN({'desc': "Can't contact LDAP server"},)
I figured it out. I decided I would set up remote debugging so that I could step through the process and see where it was failing in that process I found that the httpd process was being prevented (by selinux) from making a network connection back to my eclipse IDE fixing this fixed the app. I think selinux was preventing the app from connecting to the ldap server. When I got my debug environment all worked out and stepped through it all worked fine !
the command to allow httpd to make a network connection
as root
setsebool -P httpd_can_network_connect 1
Related
I have been running flask-talisman on my development server and everything checks out fine. Yet, with the same code and requirements installed on my dedicated server for production (Almalinux), just adding Talisman(app) after app = Flask(__name__) results in the webpage not loading with a redirection to https://localhost:8000. The error message that I precisely get on my browser after typing in the domain is:
This site can't be reached - localhost refused to connect
I am running Nginx 1.14.1 with gunicorn 20.1.0 and supervisor. The server is connected to the internet and without using Talisman it has run smoothly so far.
List of things that I tried without any effect
temporarily stopped firewall
restarted nginx
both tried to access the website through its domain and IP address - the redirection to localhost:8000 remains
tried to run the app on other ports, e.g. 8000 for testing
stripped down the code to a mere mini tutorial that runs well on my development server but not on my production server. So I figured it can't be the app itself.
checked error logs and there is literally nothing, not in the nginx error log or python app error log. Access log shows nothing usual, the same as if everything checks out.
searched the Internet and found nothing that would point in the right direction and explain the failed redirect to localhost:8000
Here is a stripped down tutorial code that should run but doesn't run on my server:
from flask import Flask
from flask_talisman import Talisman
app = Flask(__name__)
Talisman(app)
app.secret_key = 'kungfoo'
#app.route('/', methods=['GET', 'POST'])
def index():
return "Hello stackoverflow!"
if __name__ == "__main__":
app.run(debug=True)
Well,
proxy_set_header X-Forwarded-Proto $scheme;
does the trick in the nginx.conf within the server's location / {} block. This is stated in the gunicorn docs and can be easily missed...
It is recommended to pass protocol information to Gunicorn. Many web
frameworks use this information to generate URLs. Without this
information, the application may mistakenly generate ‘http’ URLs in
‘https’ responses, leading to mixed content warnings or broken
applications.
I have been following this tutorial to create Django cloud app. I have been stuck on the 'Run the app on your local computer' part of the tutorial. Before running cloud_sql_proxy.exe command, I have created .env file and pasted its contents into Permissions on Google Cloud, so theoretically, after running set GOOGLE_CLOUD_PROJECT=PROJECT_ID, I could delete this .env file from repository as it would recognize it anyway. But for now, I left it. What is more, I activate env correctly in the project dir when I ran command in this location, gcloud sql instances describe INSTANCE_NAME it works OK and displays database info.
Then, I have opened new Cloud SDK and ran command: cloud_sql_proxy.exe -instances="PROJECT_ID:REGION:INSTANCE_NAME"=tcp:5434.
The result is:
2021/11/08 17:11:11 Listening on 127.0.0.1:5434 for PROJECT_ID:REGION:INSTANCE_NAME
2021/11/08 17:11:11 Ready for new connections
2021/11/08 17:11:11 Generated RSA key in 116.9931ms
The reason behind why it is 5434 and not 5432 and 5433 as that these ports were busy. I must say that I have also downloaded postgresql and specified these:
information.
After running in env (Google SDK) respectively:
set GOOGLE_CLOUD_PROJECT=PROJECT_ID
set USE_CLOUD_SQL_AUTH_PROXY=true
python manage.py makemigrations , this error occurs:
C:\Users\User\Desktop\cloud\python-docs-samples\appengine\standard_python3\django\env\lib\site-packages\django\core\management\commands\makemigrations.py:105: RuntimeWarning: Got an error checking a consistent migration history performed for database connection 'default': FATAL: database "DATABASE_NAME" does not exist
warnings.warn(
No changes detected
I believe that it is because I must somehow know which port to use locally instead of 5434, to connect to a cloud through proxy. How to find this and fix the issue?
PS. note that i replaced real names to be PROJECT_ID, REGION, INSTANCE_NAME, DATABASE_NAME
I want to deploy my flask-restx application on a shared hosting. Since I am beginner in deployment, I followed a video tutorial from youtube.
I did step by step by following this tutorial.
For those who do not want to go through the tutorial, I am writing the steps:
I created an application from the Python cPanel
Initial set up in Cpanel
Then I opened terminal and changed my venv and installed flask by "pip install flask"
Project Structure
filas_folder/
├──public
├──tmp
│ └──restart.txt
├──app.py
└──passenger_wsgi.py
app.py looks like
from flask import Flask
app = Flask(__name__)
#app.route("/")
def main_():
return "flask is running"
#app.route("/user")
def main_2():
return "user is running"
if __name__ == "__main__": app.run()
Restart app from cpanel
passenger.py looks like
import imp
import os
import sys
sys.path.insert(0, os.path.dirname(__file__))
wsgi = imp.load_source('wsgi', 'app.py')
application = wsgi.app
when I open www.example.com
flask is running
But when I open www.example.com/user
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator at webmaster#example.com to inform them of the time this error occurred, and the actions you performed just before this error.
More information about this error may be available in the server error log.
Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
My system has cloudlinux and uses apache server. This is not the first deployment. Many wordpress and static websites are running on the server.
I opened apache logs at /usr/local/apache/logs/error_log
I get the error "Request exceeded the limit of 10 internal redirects due to probable configuration error. Use 'LimitInternalRecursion' to increase the limit if necessary. Use 'LogLevel debug' to get a backtrace., referer" http://example.com/user"
Add the following to the top of your .htaccess file:
RewriteEngine on
RewriteRule ^http://%{HTTP_HOST}%{REQUEST_URI} [END,NE]
Got this info from: https://stackoverflow.com/a/63971427/10122266
I am running Python 2.7, Virtualenv, Django 1.3, mod_wsgi, Apache application on Ubuntu 11.04.
Everything including psycopg2 etc are working great with wsgi and app are up and running.
The only issue is with Selenium. I am getting this error ONLY when I execute this from wsgi on creating firefox driver as follows:
from selenium import webdriver
wd = webdriver.Firefox()
WebDriverException Exception Value: Message: "Can't load the profile.
Profile Dir : /tmp/tmp8h7MW8"
my Selenium version is 2.5
Apache launched as root and child process are launched as user called app.
Execute the code above from same virtualenv without wsgi works just fine.
So this makes me think that it is permission issue at some level... so I tried this:
ls -l /tmp/tmp8h7MW8
>> drwxr-xr-x 3 app app 4096 2011-10-07 13:09 extensions
>> -rw-r--r-- 1 app app 2188 2011-10-07 13:09 user.js
I would appreciated it if you could point me to right direction as to what I am might be misconfiguring wsgi
Apache processes run as special user. If that temp directory is truly owned by 'app' then Apache user likely wouldn't be able to write to it.
What user does Apache run as? Are you using daemon mode and overridden what user it should run as?
So I traced firefx_binary.py and figure it out the actual error was "Connection refused" when socket_.connect(("127.0.0.1", self.profile.port)) is called.
The port value changes every time (ie: 45807, 44719, 60565)
The error occurs depends on Group setting on apache config (apache run user and group) as Graham suspected. I was playing with 2 users.
$ groups app
app : app
$ groups nreeves
nreeves : nreeves adm dialout fax cdrom floppy tape dip video plugdev fuse
I tried 3 patters and only 1 works which still confuses me and hope someone could tell me why...
# this does't work...
User=nreeves
Group=adm
# this does't work either
User=app
Group=app
# this works
User=nreeves
Group=nreeves
Bit of a strange one. I've created a super user for django admin for my app, which is just a new django nonrel project with admin enabled. I try and access the /admin whilst running the development server, but when I type in the (correct) username and password it tells me they are not correct.
Deploying the project to Google App Engine, the login works fine. Why would it work fine on Googles servers, but not on the development server?
UPDATE - turn off the server, run python2.5 manage.py syncdb, and add a fresh superuser. Must already have included django.contrib.admin to INSTALLED_APPS
This is not at all the answer. Completely different symptoms. I will try to remember to post here when I figure it out.
I have a workaround that is working in windows vista
#change the manage.py code to:
if __name__ == "__main__":
print "lets go...."
execute_manager(settings)
import os
from google.appengine.tools import dev_appserver
#from view.PresetsPage import DuplicatePresetGroup
print "flushing database ..."
dev_appserver.TearDownStubs()
and run
python manage.py syncdb
after all you should be able to find the 'datastore' file on your disk.
in views.py add:
def stopAll (request):
import os
if os.environ.get('SERVER_SOFTWARE','').startswith('Development'):
from google.appengine.tools import dev_appserver
dev_appserver.TearDownStubs()
return HttpResponse("completed !")
and and the corresponding entry in urls.py file.
(r'^stop/$', stopAll),
enter the
localhost:8080/stop/
each time you want to flush the datastore to file