LDAP authentication error when upgrading from v2.29.1 to v2.30.0
Hi,
Problem description
I configured authentication via LDAP successfully in v2.29.1. But after I upgraded to v2.30.0, I can't log in via LDAP.
Steps to reproduce
Steps to reproduce the behavior:
- Pull the latest version
docker pull defectdojo/defectdojo-django:latest
docker pull defectdojo/defectdojo-nginx:latest
- Go to the directory where your docker-compose.yml file lives
- Stop DefectDojo:
./dc-stop.sh
- Re-start DefectDojo, allowing for container recreation:
./dc-up-d.sh
Deployment method (select with an X)
- Docker Compose version v2.6.1
Environment information
- Operating System: Red Hat Enterprise Linux release 8.5 (Ootpa)
- DefectDojo version 2.30.0
Logs
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * Server initialized
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * Loading RDB produced by version 7.2.3
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * RDB age 5 seconds
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * RDB memory usage when created 1.35 Mb
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * Done loading RDB, keys loaded: 3, keys expired: 0.
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * DB loaded from disk: 0.000 seconds
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:20:13.530 * Ready to accept connections tcp
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:33:33.567 * 100 changes in 300 seconds. Saving...
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:33:33.567 * Background saving started by pid 16
django-defectdojo-master-redis-1 | 16:C 04 Jan 2024 02:33:33.570 * DB saved on disk
django-defectdojo-master-redis-1 | 16:C 04 Jan 2024 02:33:33.570 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:33:33.668 * Background saving terminated with success
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:47:23.452 * 100 changes in 300 seconds. Saving...
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:47:23.452 * Background saving started by pid 17
django-defectdojo-master-redis-1 | 17:C 04 Jan 2024 02:47:23.455 * DB saved on disk
django-defectdojo-master-redis-1 | 17:C 04 Jan 2024 02:47:23.455 * Fork CoW for RDB: current 0 MB, peak 0 MB, average 0 MB
django-defectdojo-master-redis-1 | 1:M 04 Jan 2024 02:47:23.552 * Background saving terminated with success
Screenshots
More information:
- Configuration files: Dockerfile.django-, Dockerfile.nginx-, requirements.txt, settings.dist.py, docker-compose.yml (Optional) were not changed
- I can telnet from DefectDojo to LDAP
- Before the update, I could authenticate via LDAP. But now the connection between DefectDojo and LDAP is not successful, because I can spam LDAP logins and the LDAP account is not blocked according to AD regulations
About the uwsgi log:
django-defectdojo-master-uwsgi-1 | wait-for-it.sh: waiting max 30 seconds for postgres:5432
django-defectdojo-master-uwsgi-1 | wait-for-it.sh: postgres:5432 is available after 0 seconds
django-defectdojo-master-uwsgi-1 | ============================================================
django-defectdojo-master-uwsgi-1 | Overriding DefectDojo's local_settings.py with multiple
django-defectdojo-master-uwsgi-1 | Files: /app/docker/extra_settings/README.md
django-defectdojo-master-uwsgi-1 | ============================================================
django-defectdojo-master-uwsgi-1 | [09/Jan/2024 06:48:50] INFO [dojo.models:4299] enabling audit logging
django-defectdojo-master-uwsgi-1 | /usr/local/lib/python3.11/site-packages/coreapi/codecs/download.py:5: DeprecationWarning: 'cgi' is deprecated and slated for removal in Python 3.13
django-defectdojo-master-uwsgi-1 | import cgi
django-defectdojo-master-uwsgi-1 | System check identified no issues (0 silenced).
django-defectdojo-master-uwsgi-1 | *** Starting uWSGI 2.0.23 (64bit) on [Tue Jan 9 06:48:52 2024] ***
django-defectdojo-master-uwsgi-1 | compiled with version: 10.2.1 20210110 on 08 January 2024 16:56:14
django-defectdojo-master-uwsgi-1 | os: Linux-4.18.0-348.el8.x86_64 #1 SMP Mon Oct 4 12:17:22 EDT 2021
django-defectdojo-master-uwsgi-1 | nodename: bda1866b5bb6
django-defectdojo-master-uwsgi-1 | machine: x86_64
django-defectdojo-master-uwsgi-1 | clock source: unix
django-defectdojo-master-uwsgi-1 | detected number of CPU cores: 12
django-defectdojo-master-uwsgi-1 | current working directory: /app
django-defectdojo-master-uwsgi-1 | detected binary path: /usr/local/bin/uwsgi
django-defectdojo-master-uwsgi-1 | !!! no internal routing support, rebuild with pcre support !!!
django-defectdojo-master-uwsgi-1 | *** WARNING: you are running uWSGI without its master process manager ***
django-defectdojo-master-uwsgi-1 | your memory page size is 4096 bytes
django-defectdojo-master-uwsgi-1 | detected max file descriptor number: 1048576
django-defectdojo-master-uwsgi-1 | lock engine: pthread robust mutexes
django-defectdojo-master-uwsgi-1 | thunder lock: disabled (you can enable it with --thunder-lock)
django-defectdojo-master-uwsgi-1 | uWSGI http bound on 0.0.0.0:8081 fd 3
django-defectdojo-master-uwsgi-1 | spawned uWSGI http 1 (pid: 26)
django-defectdojo-master-uwsgi-1 | uwsgi socket 0 bound to TCP address 0.0.0.0:3031 fd 6
django-defectdojo-master-uwsgi-1 | Python version: 3.11.4 (main, Aug 16 2023, 05:31:52) [GCC 10.2.1 20210110]
django-defectdojo-master-uwsgi-1 | Python main interpreter initialized at 0x7f0752664558
django-defectdojo-master-uwsgi-1 | python threads support enabled
django-defectdojo-master-uwsgi-1 | your server socket listen backlog is limited to 100 connections
django-defectdojo-master-uwsgi-1 | your mercy for graceful operations on workers is 60 seconds
django-defectdojo-master-uwsgi-1 | mapped 183136 bytes (178 KB) for 4 cores
django-defectdojo-master-uwsgi-1 | *** Operational MODE: preforking+threaded ***
django-defectdojo-master-uwsgi-1 | [09/Jan/2024 06:48:53] INFO [dojo.models:4299] enabling audit logging
django-defectdojo-master-uwsgi-1 | WSGI app 0 (mountpoint='') ready in 1 seconds on interpreter 0x7f0752664558 pid: 1 (default app)
django-defectdojo-master-uwsgi-1 | *** uWSGI is running in multiple interpreter mode ***
django-defectdojo-master-uwsgi-1 | spawned uWSGI worker 1 (pid: 1, cores: 2)
django-defectdojo-master-uwsgi-1 | spawned uWSGI worker 2 (pid: 27, cores: 2)
django-defectdojo-master-uwsgi-1 | [pid: 1|app: -|req: -/-] x.x.x.x (-) {60 vars in 1136 bytes} [Tue Jan 9 06:49:27 2024] GET / => generated 0 bytes in 26 msecs (HTTP/1.1 302) 8 headers in 247 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 1|app: -|req: -/-] x.x.x.x (-) {60 vars in 1159 bytes} [Tue Jan 9 06:49:27 2024] GET /login?next=/ => generated 15636 bytes in 1703 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 1)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1032 bytes} [Tue Jan 9 06:50:04 2024] GET /alerts/count => generated 0 bytes in 1361 msecs (HTTP/1.1 302) 8 headers in 259 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1055 bytes} [Tue Jan 9 06:50:05 2024] GET /login?next=/alerts/count => generated 15636 bytes in 387 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 1)
django-defectdojo-master-uwsgi-1 | [09/Jan/2024 06:50:32] WARNING [dojo.utils:2345] login failed for: users via ip: x.x.x.x
django-defectdojo-master-uwsgi-1 | [pid: 1|app: -|req: -/-] x.x.x.x (-) {68 vars in 1375 bytes} [Tue Jan 9 06:50:32 2024] POST /login?next=/ => generated 16023 bytes in 90 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1032 bytes} [Tue Jan 9 06:51:04 2024] GET /alerts/count => generated 0 bytes in 14 msecs (HTTP/1.1 302) 8 headers in 259 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1055 bytes} [Tue Jan 9 06:51:04 2024] GET /login?next=/alerts/count => generated 15636 bytes in 22 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 1)
django-defectdojo-master-uwsgi-1 | [pid: 1|app: -|req: -/-] x.x.x.x (-) {58 vars in 1032 bytes} [Tue Jan 9 06:52:04 2024] GET /alerts/count => generated 0 bytes in 15 msecs (HTTP/1.1 302) 8 headers in 259 bytes (1 switches on core 1)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1055 bytes} [Tue Jan 9 06:52:04 2024] GET /login?next=/alerts/count => generated 15636 bytes in 21 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1032 bytes} [Tue Jan 9 06:53:04 2024] GET /alerts/count => generated 0 bytes in 15 msecs (HTTP/1.1 302) 8 headers in 259 bytes (1 switches on core 1)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1055 bytes} [Tue Jan 9 06:53:04 2024] GET /login?next=/alerts/count => generated 15636 bytes in 22 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 1|app: -|req: -/-] x.x.x.x (-) {58 vars in 1032 bytes} [Tue Jan 9 06:54:04 2024] GET /alerts/count => generated 0 bytes in 16 msecs (HTTP/1.1 302) 8 headers in 259 bytes (1 switches on core 0)
django-defectdojo-master-uwsgi-1 | [pid: 27|app: -|req: -/-] x.x.x.x (-) {58 vars in 1055 bytes} [Tue Jan 9 06:54:04 2024] GET /login?next=/alerts/count => generated 15636 bytes in 22 msecs (HTTP/1.1 200) 10 headers in 489 bytes (1 switches on core 1)
@tsukiazuma did you find a solution for this issue? I just upgraded my instance and have the same problem.
Unfortunately I don't have any solution
Did you already ask in the Slack channel?
Oh, sorry for the late response, I just had the Tet holiday. And I haven't joined the Slack channel; how can I join it?
See the README at https://github.com/DefectDojo/django-DefectDojo?tab=readme-ov-file#community-getting-involved-and-updates
Can we close this issue, @mtesauro?
But there is no solution, although I asked on Slack???