starred/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2026-02-08 03:09:39 +03:00
Code Issues 784 Packages Projects Releases 10 Wiki Activity

LDAP authorization #5156

New Issue
Closed
opened 2026-02-05 09:44:45 +03:00 by OVERLORD · 4 comments
OVERLORD commented 2026-02-05 09:44:45 +03:00
Owner
Copy Link

Originally created by @BuferlorD on GitHub (Jan 27, 2025).

Attempted Debugging

  • I have read the debugging page

Searched GitHub Issues

  • I have searched GitHub for the issue.

Describe the Scenario

Включаю LDAP авторизацию. После чего внешний ID. И пытаюсь подключиться с учетной записи из LDAP. Выходит ошибка. Читал что нужно что бы работало корректно SMTP, настроил, проверил, письма тестовые доходят.
Мои настройки .evn

.env 

AUTH_METHOD=ldap

## The LDAP host, Adding a port is optional
LDAP_SERVER=10.5.50.125:389
## If using LDAP over SSL you should also define the protocol:
## LDAP_SERVER=ldaps://example.com:636

## The base DN from where users will be searched within
#LDAP_BASE_DN="ou=Uit,ou=NewOffice,ou=Companies,ou=Sites,dc=ert,dc=pkm,dc=group"
LDAP_BASE_DN="OU=Uit,OU=NewOffice,OU=Companies,OU=Sites,DC=ert,DC=pkm,DC=group"

## The full DN and password of the user used to search the server
## Can both be left as 'false' (without quotes) to bind anonymously
LDAP_DN="CN=svc-WiKi,OU=Services,OU=No_TelePhone,OU=Sites,DC=ert,DC=pkm,DC=group"
LDAP_PASS="**********"

## A filter to use when searching for users
## The user-provided user-name used to replace any occurrences of '{user}'.
## (Also supported via '${user}' for backwards compatibility.
LDAP_USER_FILTER=(&(sAMAccountName=${user}))

## Set the LDAP version to use when connecting to the server
## Should be set to 3 in most cases.
LDAP_VERSION=3

## Set the property to use as a unique identifier for this user.
## Stored and used to match LDAP users with existing BookStack users.
## Prefixing the value with 'BIN;' will assume the LDAP service provides the attribute value as
## binary data and BookStack will convert the value to a hexidecimal representation.
## Defaults to 'uid'.
LDAP_ID_ATTRIBUTE=BIN;objectGUID

## Set the default 'email' attribute. Defaults to 'mail'
LDAP_EMAIL_ATTRIBUTE=mail

## Set the property to use for a user's display name. Defaults to 'cn'
LDAP_DISPLAY_NAME_ATTRIBUTE=cn

## Set the attribute to use for the user's avatar image.
## Must provide JPEG binary image data.
## Will be used upon login or registration when the user doesn't
## already have an avatar image set.
## Remove this option or set to 'null' to disable LDAP avatar import.
## Note: Using this option can increase the likelihood of errors during login
## due to thumbnail generation which can exhaust available memory in some cases.
LDAP_THUMBNAIL_ATTRIBUTE=thumbnailPhoto

## Force TLS to be used for LDAP communication.
## Use this if you can but your LDAP support will need to support it and
## you may need to import your certificate to the BookStack host machine.
## Defaults to 'false'.
LDAP_START_TLS=false


APP_DEBUG=true

##Добавил тестовый вариант

LDAP_USER_TO_GROUPS=true

LDAP_GROUP_ATTRIBUTE="memberOf"

LDAP_REMOVE_FROM_GROUPS=false

Exact BookStack Version

v24.10.3

Log Content

журнал access.log

10.22.22.23 - - [27/Jan/2025:01:31:24 -0500] "GET /books/udmz-uSj HTTP/1.1" 200 11717 "http://wiki.ert-pkm.com/books/udmz-uSj/page/opisanie-seti" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.22.22.23 - - [27/Jan/2025:01:32:16 -0500] "-" 408 0 "-" "-"
10.2.22.45 - - [27/Jan/2025:03:48:48 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:48:48 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:48:54 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:48:54 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:49:06 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:49:06 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:49:18 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:49:19 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:49:22 -0500] "GET / HTTP/1.1" 302 1935 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
10.2.22.45 - - [27/Jan/2025:03:49:23 -0500] "GET /login HTTP/1.1" 200 4351 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"

laravel.log

Details 

[2023-12-08 07:01:04] production.ERROR: SQLSTATE[HY000] [1045] Access denied for user 'bookstack'@'localhost' (using password: YES) (SQL: select * from information_schema.tables where table_schema = bookstack and table_name = migrations and table_type = 'BASE TABLE') {"exception":"[object] (Illuminate\\Database\\QueryException(code: 1045): SQLSTATE[HY000] [1045] Access denied for user 'bookstack'@'localhost' (using password: YES) (SQL: select * from information_schema.tables where table_schema = bookstack and table_name = migrations and table_type = 'BASE TABLE') at /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Database/Connection.php:760)

[previous exception] [object] (GuzzleHttp\\Exception\\ConnectException(code: 0): cURL error 28: Connection timed out after 5001 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://www.gravatar.com/avatar/9061154d10e48a0c365a52b52dc3716d?s=500&d=identicon at /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:210)
[stacktrace]
#0 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(158): GuzzleHttp\\Handler\\CurlFactory::createRejection()
#1 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(110): GuzzleHttp\\Handler\\CurlFactory::finishError()
#2 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlHandler.php(47): GuzzleHttp\\Handler\\CurlFactory::finish()
#3 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php(28): GuzzleHttp\\Handler\\CurlHandler->__invoke()
#4 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php(48): GuzzleHttp\\Handler\\Proxy::GuzzleHttp\\Handler\\{closure}()
#5 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php(35): GuzzleHttp\\Handler\\Proxy::GuzzleHttp\\Handler\\{closure}()
#6 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Middleware.php(31): GuzzleHttp\\PrepareBodyMiddleware->__invoke()
#7 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/RedirectMiddleware.php(55): GuzzleHttp\\Middleware::GuzzleHttp\\{closure}()
#8 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Middleware.php(63): GuzzleHttp\\RedirectMiddleware->__invoke()
#9 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/HandlerStack.php(75): GuzzleHttp\\Middleware::GuzzleHttp\\{closure}()
#10 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Client.php(333): GuzzleHttp\\HandlerStack->__invoke()
#11 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Client.php(106): GuzzleHttp\\Client->transfer()
#12 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Client.php(138): GuzzleHttp\\Client->sendAsync()
#13 /var/www/bookstack/app/Uploads/UserAvatars.php(116): GuzzleHttp\\Client->sendRequest()
#14 /var/www/bookstack/app/Uploads/UserAvatars.php(87): BookStack\\Uploads\\UserAvatars->getAvatarImageData()
#15 /var/www/bookstack/app/Uploads/UserAvatars.php(33): BookStack\\Uploads\\UserAvatars->saveAvatarImage()
#16 /var/www/bookstack/app/Users/UserRepo.php(205): BookStack\\Uploads\\UserAvatars->fetchAndAssignToUser()
#17 /var/www/bookstack/app/Users/UserRepo.php(77): BookStack\\Users\\UserRepo->downloadAndAssignUserAvatar()
#18 /var/www/bookstack/app/Console/Commands/CreateAdminCommand.php(71): BookStack\\Users\\UserRepo->createWithoutActivity()
#19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(36): BookStack\\Console\\Commands\\CreateAdminCommand->handle()
#20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/Util.php(41): Illuminate\\Container\\BoundMethod::Illuminate\\Container\\{closure}()
#21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(93): Illuminate\\Container\\Util::unwrapIfClosure()
#22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(35): Illuminate\\Container\\BoundMethod::callBoundMethod()
#23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/Container.php(661): Illuminate\\Container\\BoundMethod::call()
#24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Console/Command.php(183): Illuminate\\Container\\Container->call()
#25 /var/www/bookstack/vendor/symfony/console/Command/Command.php(291): Illuminate\\Console\\Command->execute()
#26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Console/Command.php(152): Symfony\\Component\\Console\\Command\\Command->run()
#27 /var/www/bookstack/vendor/symfony/console/Application.php(1014): Illuminate\\Console\\Command->run()
#28 /var/www/bookstack/vendor/symfony/console/Application.php(301): Symfony\\Component\\Console\\Application->doRunCommand()
#29 /var/www/bookstack/vendor/symfony/console/Application.php(171): Symfony\\Component\\Console\\Application->doRun()
#30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Console/Application.php(102): Symfony\\Component\\Console\\Application->run()
#31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php(155): Illuminate\\Console\\Application->run()
#32 /var/www/bookstack/artisan(35): Illuminate\\Foundation\\Console\\Kernel->handle()
#33 {main}

Hosting Environment

Apache/2.4.57 (Debian)

Originally created by @BuferlorD on GitHub (Jan 27, 2025). ### Attempted Debugging - [x] I have read the debugging page ### Searched GitHub Issues - [x] I have searched GitHub for the issue. ### Describe the Scenario Включаю LDAP авторизацию. После чего внешний ID. И пытаюсь подключиться с учетной записи из LDAP. Выходит ошибка. Читал что нужно что бы работало корректно SMTP, настроил, проверил, письма тестовые доходят. Мои настройки .evn <details><summary>.env</summary> <p> ```bash AUTH_METHOD=ldap ## The LDAP host, Adding a port is optional LDAP_SERVER=10.5.50.125:389 ## If using LDAP over SSL you should also define the protocol: ## LDAP_SERVER=ldaps://example.com:636 ## The base DN from where users will be searched within #LDAP_BASE_DN="ou=Uit,ou=NewOffice,ou=Companies,ou=Sites,dc=ert,dc=pkm,dc=group" LDAP_BASE_DN="OU=Uit,OU=NewOffice,OU=Companies,OU=Sites,DC=ert,DC=pkm,DC=group" ## The full DN and password of the user used to search the server ## Can both be left as 'false' (without quotes) to bind anonymously LDAP_DN="CN=svc-WiKi,OU=Services,OU=No_TelePhone,OU=Sites,DC=ert,DC=pkm,DC=group" LDAP_PASS="**********" ## A filter to use when searching for users ## The user-provided user-name used to replace any occurrences of '{user}'. ## (Also supported via '${user}' for backwards compatibility. LDAP_USER_FILTER=(&(sAMAccountName=${user})) ## Set the LDAP version to use when connecting to the server ## Should be set to 3 in most cases. LDAP_VERSION=3 ## Set the property to use as a unique identifier for this user. ## Stored and used to match LDAP users with existing BookStack users. ## Prefixing the value with 'BIN;' will assume the LDAP service provides the attribute value as ## binary data and BookStack will convert the value to a hexidecimal representation. ## Defaults to 'uid'. LDAP_ID_ATTRIBUTE=BIN;objectGUID ## Set the default 'email' attribute. Defaults to 'mail' LDAP_EMAIL_ATTRIBUTE=mail ## Set the property to use for a user's display name. Defaults to 'cn' LDAP_DISPLAY_NAME_ATTRIBUTE=cn ## Set the attribute to use for the user's avatar image. ## Must provide JPEG binary image data. ## Will be used upon login or registration when the user doesn't ## already have an avatar image set. ## Remove this option or set to 'null' to disable LDAP avatar import. ## Note: Using this option can increase the likelihood of errors during login ## due to thumbnail generation which can exhaust available memory in some cases. LDAP_THUMBNAIL_ATTRIBUTE=thumbnailPhoto ## Force TLS to be used for LDAP communication. ## Use this if you can but your LDAP support will need to support it and ## you may need to import your certificate to the BookStack host machine. ## Defaults to 'false'. LDAP_START_TLS=false APP_DEBUG=true ``` </p> </details> ##Добавил тестовый вариант LDAP_USER_TO_GROUPS=true LDAP_GROUP_ATTRIBUTE="memberOf" LDAP_REMOVE_FROM_GROUPS=false ### Exact BookStack Version v24.10.3 ### Log Content журнал access.log ``` 10.22.22.23 - - [27/Jan/2025:01:31:24 -0500] "GET /books/udmz-uSj HTTP/1.1" 200 11717 "http://wiki.ert-pkm.com/books/udmz-uSj/page/opisanie-seti" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.22.22.23 - - [27/Jan/2025:01:32:16 -0500] "-" 408 0 "-" "-" 10.2.22.45 - - [27/Jan/2025:03:48:48 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:48:48 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:48:54 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:48:54 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:49:06 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:49:06 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:49:18 -0500] "POST /login HTTP/1.1" 419 7685 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:49:19 -0500] "GET /favicon.ico HTTP/1.1" 200 12154 "http://wiki.ert-pkm.com/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:49:22 -0500] "GET / HTTP/1.1" 302 1935 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 10.2.22.45 - - [27/Jan/2025:03:49:23 -0500] "GET /login HTTP/1.1" 200 4351 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" ``` laravel.log <details><summary>Details</summary> <p> ``` [2023-12-08 07:01:04] production.ERROR: SQLSTATE[HY000] [1045] Access denied for user 'bookstack'@'localhost' (using password: YES) (SQL: select * from information_schema.tables where table_schema = bookstack and table_name = migrations and table_type = 'BASE TABLE') {"exception":"[object] (Illuminate\\Database\\QueryException(code: 1045): SQLSTATE[HY000] [1045] Access denied for user 'bookstack'@'localhost' (using password: YES) (SQL: select * from information_schema.tables where table_schema = bookstack and table_name = migrations and table_type = 'BASE TABLE') at /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Database/Connection.php:760) [previous exception] [object] (GuzzleHttp\\Exception\\ConnectException(code: 0): cURL error 28: Connection timed out after 5001 milliseconds (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://www.gravatar.com/avatar/9061154d10e48a0c365a52b52dc3716d?s=500&d=identicon at /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:210) [stacktrace] #0 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(158): GuzzleHttp\\Handler\\CurlFactory::createRejection() #1 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(110): GuzzleHttp\\Handler\\CurlFactory::finishError() #2 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/CurlHandler.php(47): GuzzleHttp\\Handler\\CurlFactory::finish() #3 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php(28): GuzzleHttp\\Handler\\CurlHandler->__invoke() #4 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Handler/Proxy.php(48): GuzzleHttp\\Handler\\Proxy::GuzzleHttp\\Handler\\{closure}() #5 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php(35): GuzzleHttp\\Handler\\Proxy::GuzzleHttp\\Handler\\{closure}() #6 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Middleware.php(31): GuzzleHttp\\PrepareBodyMiddleware->__invoke() #7 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/RedirectMiddleware.php(55): GuzzleHttp\\Middleware::GuzzleHttp\\{closure}() #8 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Middleware.php(63): GuzzleHttp\\RedirectMiddleware->__invoke() #9 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/HandlerStack.php(75): GuzzleHttp\\Middleware::GuzzleHttp\\{closure}() #10 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Client.php(333): GuzzleHttp\\HandlerStack->__invoke() #11 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Client.php(106): GuzzleHttp\\Client->transfer() #12 /var/www/bookstack/vendor/guzzlehttp/guzzle/src/Client.php(138): GuzzleHttp\\Client->sendAsync() #13 /var/www/bookstack/app/Uploads/UserAvatars.php(116): GuzzleHttp\\Client->sendRequest() #14 /var/www/bookstack/app/Uploads/UserAvatars.php(87): BookStack\\Uploads\\UserAvatars->getAvatarImageData() #15 /var/www/bookstack/app/Uploads/UserAvatars.php(33): BookStack\\Uploads\\UserAvatars->saveAvatarImage() #16 /var/www/bookstack/app/Users/UserRepo.php(205): BookStack\\Uploads\\UserAvatars->fetchAndAssignToUser() #17 /var/www/bookstack/app/Users/UserRepo.php(77): BookStack\\Users\\UserRepo->downloadAndAssignUserAvatar() #18 /var/www/bookstack/app/Console/Commands/CreateAdminCommand.php(71): BookStack\\Users\\UserRepo->createWithoutActivity() #19 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(36): BookStack\\Console\\Commands\\CreateAdminCommand->handle() #20 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/Util.php(41): Illuminate\\Container\\BoundMethod::Illuminate\\Container\\{closure}() #21 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(93): Illuminate\\Container\\Util::unwrapIfClosure() #22 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/BoundMethod.php(35): Illuminate\\Container\\BoundMethod::callBoundMethod() #23 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Container/Container.php(661): Illuminate\\Container\\BoundMethod::call() #24 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Console/Command.php(183): Illuminate\\Container\\Container->call() #25 /var/www/bookstack/vendor/symfony/console/Command/Command.php(291): Illuminate\\Console\\Command->execute() #26 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Console/Command.php(152): Symfony\\Component\\Console\\Command\\Command->run() #27 /var/www/bookstack/vendor/symfony/console/Application.php(1014): Illuminate\\Console\\Command->run() #28 /var/www/bookstack/vendor/symfony/console/Application.php(301): Symfony\\Component\\Console\\Application->doRunCommand() #29 /var/www/bookstack/vendor/symfony/console/Application.php(171): Symfony\\Component\\Console\\Application->doRun() #30 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Console/Application.php(102): Symfony\\Component\\Console\\Application->run() #31 /var/www/bookstack/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php(155): Illuminate\\Console\\Application->run() #32 /var/www/bookstack/artisan(35): Illuminate\\Foundation\\Console\\Kernel->handle() #33 {main} ``` </p> </details> ### Hosting Environment Apache/2.4.57 (Debian)
OVERLORD added the 🐕 Support label 2026-02-05 09:44:45 +03:00
OVERLORD commented 2026-02-05 09:44:48 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Jan 27, 2025):

Hi @BuferlorD,
What exactly do you see when an error occurs? Can you screenshot this?

The log content is old and probably irrelevant, from December of 2023, is there anything more recent in the log (newer messages will be last in the file).

I'm seeing 419 responses in your webserver log, which can indicate a session/cookie issue.
Are you attempting to use the login within a non-standard configuration, like via an iframe, embedded in another site, or have you attempted customizations at all?

@ssddanbrown commented on GitHub (Jan 27, 2025): Hi @BuferlorD, What exactly do you see when an error occurs? Can you screenshot this? The log content is old and probably irrelevant, from December of 2023, is there anything more recent in the log (newer messages will be last in the file). I'm seeing 419 responses in your webserver log, which can indicate a session/cookie issue. Are you attempting to use the login within a non-standard configuration, like via an iframe, embedded in another site, or have you attempted customizations at all?
OVERLORD commented 2026-02-05 09:44:50 +03:00
Author
Owner
Copy Link

@BuferlorD commented on GitHub (Jan 28, 2025):

Спасибо за помощь. Разобрались.. Лишнее было

# APP_DEBUG=true
##Добавил тестовый вариант

#LDAP_USER_TO_GROUPS=истина

#LDAP_GROUP_ATTRIBUTE="memberOf"

#LDAP_REMOVE_FROM_GROUPS=ложь

Закомментировав данные строки, я смог продвинутся дальше. Появилась другая ошибка связанная с отсутствием php модуля ldap. Установив данный модуль смог зайти. Главное условие авторизации что бы почта которая присвоена в AD новому пользователю не использовалась в локальной УЗ Bookstack. (Иначе ошибка)
Для связки локальной УЗ Bookstack и авторизации через LDAP, подставлял ObjectGUID полученный из PowerShell "Get-ADUser Login" полученное значение ObjectGUID преобразуем в hex и вставляем в Bookstack как альтернативная авторизация.

@BuferlorD commented on GitHub (Jan 28, 2025): Спасибо за помощь. Разобрались.. Лишнее было ``` # APP_DEBUG=true ##Добавил тестовый вариант #LDAP_USER_TO_GROUPS=истина #LDAP_GROUP_ATTRIBUTE="memberOf" #LDAP_REMOVE_FROM_GROUPS=ложь ``` Закомментировав данные строки, я смог продвинутся дальше. Появилась другая ошибка связанная с отсутствием php модуля ldap. Установив данный модуль смог зайти. Главное условие авторизации что бы почта которая присвоена в AD новому пользователю не использовалась в локальной УЗ Bookstack. (Иначе ошибка) Для связки локальной УЗ Bookstack и авторизации через LDAP, подставлял ObjectGUID полученный из PowerShell "Get-ADUser Login" полученное значение ObjectGUID преобразуем в hex и вставляем в Bookstack как альтернативная авторизация.
OVERLORD commented 2026-02-05 09:44:53 +03:00
Author
Owner
Copy Link

@ssddanbrown commented on GitHub (Jan 28, 2025):

Okay, I assume this is solved then unless I misunderstood the translations on my side, so will therefore close this off.

@ssddanbrown commented on GitHub (Jan 28, 2025): Okay, I assume this is solved then unless I misunderstood the translations on my side, so will therefore close this off.
OVERLORD commented 2026-02-05 09:44:54 +03:00
Author
Owner
Copy Link

@jamalelmada commented on GitHub (Feb 7, 2025):

j'ai besoin de smtp

@jamalelmada commented on GitHub (Feb 7, 2025): j'ai besoin de smtp
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🎨 Design
📖 Docs Update
🐛 Bug
🐛 Bug
:cat2:🐈 Possible duplicate
💿 Database
Open to discussion
💻 Front-End
🐕 Support
🚪 Authentication
🌍 Translations
🔌 API Task
🏭 Back-End
Upstream
🔨 Feature Request
🛠️ Enhancement
🛠️ Enhancement
🛠️ Enhancement
❤️ Happy feedback
🔒 Security
🔍 Pending Validation
💆 UX
📝 WYSIWYG Editor
🌔 Out of scope
🔩 API Request
:octocat: Admin/Meta
🖌️ View Customization
Question
🚀 Priority
🛡️ Blocked
🚚 Export System
A11y
🔧 Maintenance
> Markdown Editor
pull-request
Mirrored from GitHub Pull Request
No Label 🐕 Support
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#5156
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?