我安装了Davical 1.1.1并且使用默认身份验证正常工作。我正在尝试使用OpenLDAP 2.3服务器启用LDAP身份验证。身份验证似乎工作正常(日志显示我从LDAP服务器获得了正确的名称和电子邮件地址),但是当Davical尝试创建新用户时,我收到数据库错误。无论我是尝试使用LDAP凭据登录Web面板还是以管理员身份登录并使用“工具”页面同步LDAP用户,都会发生同样的情况。
以下是LDAP登录尝试的日志:
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: SQL error "42846" - ERROR: cannot cast type text to bit"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: INSERT INTO dav_principal (username,email,user_active,modified,fullname,type_id,default_privileges) VALUES(:username,:email,:user_active,:modified,:fullname,:type_id,cast(:default_privileges as text)::BIT(24))
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":username" => "jon_williams"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":email" => "jon@myserver.com"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":user_active" => "1"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":modified" => "2013-03-22 17:12:37"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":fullname" => "Jon"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":type_id" => "1"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: Principal: Query: QF: ":default_privileges" => "000000000001111000000000"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: SQL error "42804" - ERROR: column "user_no" is of type integer but expression is of type boolean HINT: You will need to rewrite or cast the expression."
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: INSERT INTO collection (user_no, parent_container, dav_name, dav_etag, dav_displayname, is_calendar, is_addressbook, default_privileges, created, modified, resourcetypes) VALUES( :user_no, :parent_container, :collection_path, :dav_etag, :di
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: splayname, :is_calendar, :is_addressbook, :privileges::BIT(24), current_timestamp, current_timestamp, :resourcetypes );
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":user_no" => ""
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":parent_container" => "/jon_williams/"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":dav_etag" => "-1"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":collection_path" => "/jon_williams/calendar/"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":displayname" => " calendar"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":resourcetypes" => "<DAV::collection/><urn:ietf:params:xml:ns:caldav:calendar/>"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":is_calendar" => "1"
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":is_addressbook" => ""
[25-Mar-2013 15:53:30 America/New_York] davical: LOG: index.php: Query: QF: ":privileges" => ""
[25-Mar-2013 15:53:31 America/New_York] davical: ***: ERROR:AwlDBDialect: Named parameter '0' does not begin with a colon.
[25-Mar-2013 15:53:31 America/New_York] davical: ***: ERROR:AwlDBDialect: Named parameter '1' does not begin with a colon.
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Session: Query: QF: SQL error "08P01" - ERROR: bind message supplies 0 parameters, but prepared statement "pdo_pgsql_stmt_090efd34" requires 2"
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Session: Query: QF: UPDATE usr SET last_used = (SELECT session_start FROM session WHERE session.user_no = ? ORDER BY session_id DESC LIMIT 1) WHERE user_no = ?;
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Session: Query: QF: "0" => ""
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Session: Query: QF: "1" => ""
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Login: Query: QF: SQL error "42804" - ERROR: column "user_no" is of type integer but expression is of type boolean HINT: You will need to rewrite or cast the expression."
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Login: Query: QF: INSERT INTO session (session_id, user_no, session_key) VALUES( ?, ?, ? )
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Login: Query: QF: "0" => "41"
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Login: Query: QF: "1" => ""
[25-Mar-2013 15:53:31 America/New_York] davical: LOG: Login: Query: QF: "2" => "d0f33746419fc250d60890666ee5a1fb"
[25-Mar-2013 15:53:31 America/New_York] davical: Login failure: ERR: Could not create new session.
这里似乎有两个错误 - 一个是在尝试为用户创建主体时,另一个是在尝试创建默认收集集时。在后一种情况下,似乎主体没有返回“user_no”的值来用于新集合。
Davical LDAP文档(http://wiki.davical.org/w/Configuration/LDAP)表明'user_no'的映射字段应该对应于LDAP中的Unix uid,但是我们的LDAP服务器不使用uid编号,所以我从配置文件。以下是配置当前的样子(更改域名以保护无辜者):
<?php
$c->domain_name = "calendar.myserver.com";
$c->admin_email = 'webmaster@myserver.com';
$c->pg_connect[] = 'dbname=davical port=5432 user=davical_app';
$c->authenticate_hook['call'] = 'LDAP_check';
$c->do_not_sync_from_ldap = array('admin' => true);
$c->authenticate_hook['config'] = array(
'host' => 'ldaps://www.myserver.com:636', //host name of your LDAP Server
'bindDN' => 'cn=Manager,dc=myserver,dc=com', //DN to bind request to this server (if required)
'passDN' => 'nice_try', //Password of request bind
'baseDNUsers' => 'ou=people,dc=myserver,dc=com', //where to look for valid user
'filterUsers' => 'objectClass=inetOrgPerson', //filter which must validate a user according to RFC4515, i.e. surrounded by brackets
'protocolVersion' => 3, // important for simple auth (no sasl)
'mapping_field' => array(
'username' => 'uid',
'modified' => 'modifyTimestamp',
'fullname' => 'cn', // "Common Name"
'email' => 'mail'), //used to create the user based on his LDAP properties
'format_updated'=> array('Y' => array(0,4),
'm' => array(4,2),
'd' => array(6,2),
'H' => array(8,2),
'M' => array(10,2),
'S' => array(12,2)), // map LDAP "modifyTimestamp" field to SQL "updated" field
'scope' => 'subtree' // Search scope to use, defaults to subtree ( applies to BOTH user and group mappings )
// Allowed values: base, onelevel, subtree.
);
include('drivers_ldap.php');
这是Davical 1.1.1中的错误,还是我做错了什么?