Closed
Description
Hi,
I exposed an LDAP server via glauth to the public net, using the ldap backend connected to an LDAP server in the internal net. My intent is to use glauth as the authentication source for a gitea server facing the public net.
I have tested glauth successfully using ldapsearch as follows:
ldapsearch -H ldaps://ldap-proxy.example.com:636 -b cn=users,dc=example,dc=com -D uid=abc,cn=users,dc=example,dc=com -x -w password -LLL '(uid=abc)'
However, I cannot get it to work with gitea; the glauth log says
Jul 8 13:46:24 vm-ldap-proxy glauth64[61172]: 13:46:24.314141 Bind ▶ DEBU 34d Bind success as uid=abc,cn=users,dc=example,dc=com from 1.2.3.4:50578
Jul 8 13:46:24 vm-ldap-proxy /usr/local/bin/glauth64[61172]: 13:46:24.314141 Bind ▶ DEBU 34d Bind success as uid=abc,cn=users,dc=example,dc=com from 1.2.3.4:50578
but the gitea web UI says "incorrect username or password". I looked into the gitea log and saw:
gitea | 2021/07/08 13:23:09 ...dels/login_source.go:850:UserSignIn() [W] Failed to login 'abc' via 'ldap-proxy': user does not exist [uid: 0, name: abc, keyid: 0]
gitea | 2021/07/08 13:23:09 routers/user/auth.go:179:SignInPost() [I] Failed authentication attempt for abc from 172.19.0.1:63892: user does not exist [uid: 0, name: , keyid: 0]
It seems to me more likely a problem with gitea than with glauth; however, when I tried to have gitea authenticate against the internal LDAP server, I could log in. So perhaps the answer from glauth is slightly different from the one from the internal LDAP server, which makes gitea unhappy.
Any hint or idea what can be tried to troubleshoot this?
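One way to check the hypothesis above, that the glauth response differs from the internal server's: run the same `ldapsearch -LLL` query against both servers and diff the returned attributes per entry. This is an added example, not part of the original report and not glauth or gitea code; the two LDIF samples and their attribute values are constructed.

```python
import base64

# Constructed sample: output of the internal server (folded line and base64 value included).
INTERNAL = """dn: uid=abc,cn=users,dc=example,dc=com
uid: abc
cn: Abc Example
mail: abc@exam
 ple.com
sn:: RXhhbXBsZQ==
"""
# Constructed sample: output of the proxy for the same query.
PROXY = """dn: uid=abc,cn=users,dc=example,dc=com
uid: abc
cn: abc
sn: Example
"""

def parse_ldif(text):
    """Parse `ldapsearch -LLL` output into {dn: {attr: [values]}}."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]          # LDIF folding: leading space continues the line
        else:
            lines.append(raw)
    entries, current = {}, None
    for line in lines:
        if not line.strip():
            current = None                # a blank line ends the entry
            continue
        name, sep, rest = line.partition(":")
        if line.startswith("#") or not sep:
            continue
        if rest.startswith(":"):          # "attr:: <base64>"
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        if name.lower() == "dn":
            current = entries.setdefault(value.lower(), {})
        elif current is not None:
            current.setdefault(name.lower(), []).append(value)
    return entries

def diff_entries(reference, proxy):
    """Per DN, list attributes the proxy omits or returns with different values."""
    report = {}
    for dn, ref in reference.items():
        got = proxy.get(dn, {})
        missing = sorted(a for a in ref if a not in got)
        changed = sorted(a for a in ref if a in got and sorted(ref[a]) != sorted(got[a]))
        if missing or changed:
            report[dn] = {"missing": missing, "changed": changed}
    return report
```

Calling `diff_entries(parse_ldif(INTERNAL), parse_ldif(PROXY))` on the samples reports `mail` as missing and `cn` as changed for the one entry.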