我在自己的服务器上设置了一个Wirecloud和一个KeyRock实例。现在我想通过KeyRock启用对Wirecloud的身份验证,如下所述:Integration with the IdM-GE
在打开<wirecloud_server>/login后执行所述步骤后,我登陆KeyStone登录屏幕。登录后,我被要求授权该应用并被重定向到<wirecloud_server>/complete/fiware/?state=<state_token>&code=<code_token>,但在那里我只收到500错误。
Horizon(KeyRock-Frontend)日志以及Wirecloud日志不会显示任何错误,因此我无法解决问题所在。
EDIT1: 我将日志记录更改为调试,现在我在浏览器中收到以下消息:
Environment:
Request Method: GET
Request URL: https://<wirecloud_server>/complete/fiware/?state=LhCRZqqOaB57Lo8kyYxhk5zWJBhTRshi&code=JH3mwLCmnBx19kZwtPoqNm1Gl4eIpv
Django Version: 1.6.11
Python Version: 2.7.9
Installed Applications:
('django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.admin',
'wirecloud.commons',
'wirecloud.defaulttheme',
'compressor',
'south',
'wirecloud.catalogue',
'wirecloud.platform',
'wirecloud.fiware',
'social.apps.django_app.default')
Installed Middleware:
('wirecloud.commons.middleware.URLMiddleware',)
Traceback:
File "/usr/local/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
112. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
52. response = view_func(request, *args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
57. return view_func(*args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
51. return func(request, backend, *args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
28. redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/social/actions.py" in do_complete
43. user = backend.complete(user=user, *args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py" in complete
41. return self.auth_complete(*args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
229. return func(*args, **kwargs)
File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py" in auth_complete
375. state = self.validate_state()
File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py" in validate_state
88. raise AuthStateMissing(self, 'state')
Exception Type: AuthStateMissing at /complete/fiware/
Exception Value: Session value state missing.
我的wirecloud vhost的apache日志读取以下内容:
[Wed Jan 27 07:40:40.707138 2016] [wsgi:error] [pid 22571:tid 139868295030528] Internal Server Error: /complete/fiware/
[Wed Jan 27 07:40:40.707165 2016] [wsgi:error] [pid 22571:tid 139868295030528] Traceback (most recent call last):
[Wed Jan 27 07:40:40.707167 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/django/core/handlers/base.py", line 112, in get_response
[Wed Jan 27 07:40:40.707169 2016] [wsgi:error] [pid 22571:tid 139868295030528] response = wrapped_callback(request, *callback_args, **callback_kwargs)
[Wed Jan 27 07:40:40.707171 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/cache.py", line 52, in _wrapped_view_func
[Wed Jan 27 07:40:40.707173 2016] [wsgi:error] [pid 22571:tid 139868295030528] response = view_func(request, *args, **kwargs)
[Wed Jan 27 07:40:40.707175 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py", line 57, in wrapped_view
[Wed Jan 27 07:40:40.707177 2016] [wsgi:error] [pid 22571:tid 139868295030528] return view_func(*args, **kwargs)
[Wed Jan 27 07:40:40.707179 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py", line 51, in wrapper
[Wed Jan 27 07:40:40.707181 2016] [wsgi:error] [pid 22571:tid 139868295030528] return func(request, backend, *args, **kwargs)
[Wed Jan 27 07:40:40.707183 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/apps/django_app/views.py", line 28, in complete
[Wed Jan 27 07:40:40.707185 2016] [wsgi:error] [pid 22571:tid 139868295030528] redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
[Wed Jan 27 07:40:40.707187 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/actions.py", line 43, in do_complete
[Wed Jan 27 07:40:40.707189 2016] [wsgi:error] [pid 22571:tid 139868295030528] user = backend.complete(user=user, *args, **kwargs)
[Wed Jan 27 07:40:40.707191 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/base.py", line 41, in complete
[Wed Jan 27 07:40:40.707204 2016] [wsgi:error] [pid 22571:tid 139868295030528] return self.auth_complete(*args, **kwargs)
[Wed Jan 27 07:40:40.707206 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/utils.py", line 229, in wrapper
[Wed Jan 27 07:40:40.707208 2016] [wsgi:error] [pid 22571:tid 139868295030528] return func(*args, **kwargs)
[Wed Jan 27 07:40:40.707210 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py", line 375, in auth_complete
[Wed Jan 27 07:40:40.707212 2016] [wsgi:error] [pid 22571:tid 139868295030528] state = self.validate_state()
[Wed Jan 27 07:40:40.707213 2016] [wsgi:error] [pid 22571:tid 139868295030528] File "/usr/local/venv/lib/python2.7/site-packages/social/backends/oauth.py", line 88, in validate_state
[Wed Jan 27 07:40:40.707215 2016] [wsgi:error] [pid 22571:tid 139868295030528] raise AuthStateMissing(self, 'state')
[Wed Jan 27 07:40:40.707217 2016] [wsgi:error] [pid 22571:tid 139868295030528] AuthStateMissing: Session value state missing.
水平日志显示以下内容:
[Wed Jan 27 06:40:37.975296 2016] [wsgi:error] [pid 22572:tid 139868395742976] Login successful for user "idm".
[Wed Jan 27 06:40:38.089251 2016] [wsgi:error] [pid 22572:tid 139868362172160] DEBUG:idm_logger:Requesting authorization for application: 449efdc7913f434ea6e81ed49b1669e4 with redirect_uri: https://<wirecloud_server>/complete/fiware/ and scope: ['all_info'] by user idm
[Wed Jan 27 06:40:38.122259 2016] [wsgi:error] [pid 22572:tid 139868362172160] DEBUG:idm_logger:OAUTH2: Application 449efdc7913f434ea6e81ed49b1669e4 NOT alreadyauthorized
[Wed Jan 27 06:40:40.574809 2016] [wsgi:error] [pid 22572:tid 139868395742976] DEBUG:idm_logger:Authorizing application: 449efdc7913f434ea6e81ed49b1669e4 by user: idm
[Wed Jan 27 06:40:40.596301 2016] [wsgi:error] [pid 22572:tid 139868395742976] DEBUG:idm_logger:OAUTH2: Authorization Code obtained JH3mwLCmnBx19kZwtPoqNm1Gl4eIpv
[Wed Jan 27 06:40:40.596382 2016] [wsgi:error] [pid 22572:tid 139868395742976] DEBUG:idm_logger:OAUTH2: Redirecting user back to https://<wirecloud_server>/complete/fiware/?state=LhCRZqqOaB57Lo8kyYxhk5zWJBhTRshi&code=JH3mwLCmnBx19kZwtPoqNm1Gl4eIpv
答案 0 :(得分:2)
在同一域中托管IdM服务器和WireCloud时,似乎发生了此问题。在这种情况下,两个服务都尝试使用相同的cookie作为会话,因为WireCloud和IdM基于Django。虽然您的错误与此cookie无关,但对于用于CSRF身份验证令牌的Cookie也会发生相同的情况。
请修改settings.py文件,并为SESSION_COOKIE_NAME和CSRF_COOKIE_NAME设置提供自定义值。 E.g:
SESSION_COOKIE_NAME = "wcsessionid"
CSRF_COOKIE_NAME = "wccsrftoken"