ChiliProject is not maintained anymore. Please be advised that there will be no more updates.

We do not recommend that you setup new ChiliProject instances and we urge all existing users to migrate their data to a maintained system, e.g. Redmine. We will provide a migration script later. In the meantime, you can use the instructions by Christian Daehn.

Chiliproject upgrade, migration from PSQL do MYSQL and LDAP auth problem

Added by Marcin Garski at 2014-09-17 01:34 pm

Hey,

I've got quite strange problem. I'm about to migrate from PostgreSQL DB to MySQL DB. I've decided also to upgrade my chiliproject from 2.0.0 to 3.8.0. In first step I've upgraded version to 3.8.0 with PSQL DB. That was successful. Logging all methods worked fine! Next I've installed MySQL Workbench and I've converted Postgresql DB with all data to MySQL DB. I've changed adapter to mysql2 and pointed to new MySQL DB. Authentication for internal users works fine. The problem is that auth. via ActiveDirectory fails. This is strange, because it seems like the problem is the content of DB. When i create empty MySQL DB and configure new AD_Auth option there is no problem with logging via AD.

I also tried to reconfigure all users to Internal method of auth. Then I made all the conversion process (psql->mysql) and imported new data (without AD_auth configured) to new MySQL DB. Then I configured new AD_auth metod but it failed with the same error.

production.log:

Processing AccountController#login (for 10.20.44.1 at 2014-09-17 10:06:31) [POST]
  Parameters: {"..."}

Errno::ECONNRESET (Connection reset by peer - SSL_connect):
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1132:in `connect'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1132:in `wrap_with_ssl'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1169:in `setup_encryption'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1116:in `initialize'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:634:in `new'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:634:in `search'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1044:in `search_root_dse'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:1095:in `paged_searches_supported?'
  /var/lib/gems/1.9.1/gems/net-ldap-0.3.1/lib/net/ldap.rb:619:in `search'
  app/models/auth_source_ldap.rb:114:in `get_user_dn'
  app/models/auth_source_ldap.rb:34:in `authenticate'
  app/models/user.rb:128:in `try_to_login'
  app/controllers/account_controller.rb:143:in `password_authentication'
  app/controllers/account_controller.rb:138:in `authenticate_user'
  app/controllers/account_controller.rb:26:in `login'
  <internal:prelude>:10:in `synchronize'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/rack/request_handler.rb:96:in `process_request'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_request_handler.rb:516:in `accept_and_process_next_request'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_request_handler.rb:274:in `main_loop'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/classic_rails/application_spawner.rb:321:in `start_request_handler'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/classic_rails/application_spawner.rb:275:in `block in handle_spawn_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/utils.rb:479:in `safe_fork'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/classic_rails/application_spawner.rb:270:in `handle_spawn_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server.rb:180:in `start'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/classic_rails/application_spawner.rb:149:in `start'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/spawn_manager.rb:219:in `block (2 levels) in spawn_rails_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server_collection.rb:132:in `lookup_or_add'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/spawn_manager.rb:214:in `block in spawn_rails_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server_collection.rb:82:in `block in synchronize'
  <internal:prelude>:10:in `synchronize'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server_collection.rb:79:in `synchronize'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/spawn_manager.rb:213:in `spawn_rails_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/spawn_manager.rb:132:in `spawn_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/spawn_manager.rb:275:in `handle_spawn_application'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server.rb:357:in `server_main_loop'
  /usr/lib/ruby/vendor_ruby/phusion_passenger/abstract_server.rb:206:in `start_synchronously'
  /usr/share/phusion-passenger/helper-scripts/passenger-spawn-server:99:in `<main>'

Rendering /srv/www/chiliproject-3.8.0/public/500.html (500 Internal Server Error)

My question is: is there any data (token,hash,session_key or sth) in DB that is combined with aut_sources and is used while user is loggin into chiliprojet?

Thanks in advance for Your replies,

gary


Replies (2)

RE: Chiliproject upgrade, migration from PSQL do MYSQL and LDAP auth problem - Added by Felix Schäfer at 2014-09-23 05:13 pm

Unfortunately the way Ruby on Rails stores data in MySQL and PostreSQL has subtle differences, for example booleans in MySQL will be stored as TINYTINT(1), whereas they will be stored as boolean. This will not migrate over well with a normal SQL export and import. This probably messed up the LDAP config enough to make it unusable. Could you check the types of auth_sources.tls in your migrated database?

RE: Chiliproject upgrade, migration from PSQL do MYSQL and LDAP auth problem - Added by Marcin Garski at 2014-09-24 07:46 am

I changed my idea. I'm staying with PostgreSQL.

Thanks.

(1-2/2)