Comments (28)
-
yes, hubot is a key part of our (scalable) integration and extension mechanism for the core 'chat' platform - as such, they typically do helpful work invisibly in the room where they service ; there is currently no need or use case for a 'bot disguised as regular user' scenario ; essentially, bot should always login as system user via controlled 'back-door' means
-
which instructions are you following to get the bot running? are you using docker? (I'm asking because most of our documented workflows would have excluded the HEROKU problem)
from hubot-rocketchat.
-
So I do NOT need to create a user? Given I needed to specify ROCKETCHAT_PASSWORD.
Given that it did NOT connect, I created a user. Where do I set the user/pw on the rocketchat side? -
Followed instructions from https://github.com/RocketChat/hubot-rocketchat section "New install". This is not a docker instance, but a CentOS box
from hubot-rocketchat.
@giray simplest way would be to create a local rocket.chat user instead of using a ldap user it will likely work.
from hubot-rocketchat.
@geekgonecrazy that doesn't quite work if you enable ldap authentication. I'm not sure on how to create a 'system users' as @Sing-Li has described.
from hubot-rocketchat.
@giray We need to allow for local user creation with ldap. I think the solution might be to disable ldap add the user then re-enable ldap.
I'll try and get one of the guys that worked on the ldap piece to take a look and see what we can do for bots.
from hubot-rocketchat.
@geekgonecrazy disabling ldap, creating local user and re-enable ldap seems to work
from hubot-rocketchat.
@giray I know that feels hacky. But glad you at least have it working.
from hubot-rocketchat.
+1 - I'm logging into the hubot/bot account with the browser/client - but when using hubot docker it just says:
ERROR Unable to Login: [object Object] Reason: User has no password set
from hubot-rocketchat.
@RocketChat/core
Right now we're using Asteroid Login Method:
login: (username, password) =>
@logger.info "Logging In"
# promise returned
return @asteroid.loginWithPassword username, password
From: https://github.com/RocketChat/hubot-rocketchat/blob/master/src/rocketchat_driver.coffee#L41
It looks like that method is calling the meteor method login
with a payload like:
{
password: 'password',
user: {
username: 'username',
email: undefined
}
}
Call found here: https://github.com/mondora/asteroid/blob/master/src/core/login.js#L123
Do we know what the payload should look like for ldap authentication? Or is there another meteor method that needs called instead if its an ldap authentication?
from hubot-rocketchat.
I think to login with LDAP you should call Meteor.loginWithLDAP
function.. look here
from hubot-rocketchat.
@sampaiodiego ah! So what kind of options would need passed as the 3rd parameter?
@teon / @giray: So provided we can make this work. Would you be ok with having to set an environment variable like: LDAP=true
to login with ldap?
But the case still needs to be made....
Should hubot really login with ldap? Or should hubot only ever really log in as a user created specifically for the bot in rocket.chat? We can improve that process to make it easier and we plan to.
Can either of you make a case as to why use ldap vs rocket.chat specific user?
from hubot-rocketchat.
@geekgonecrazy - problem with LDAP auth provider is that when you are trying to change password for a selected user - it tries to edit it in LDAP and not Rocket.Chat as you would expect/or are suggesting. Thus there is no possibility to have local and LDAP accounts in parallel...
from hubot-rocketchat.
@geekgonecrazy our problem was that once you switch over to ldap, you are not able to get back to the local accounts. I'm fine with not being able to change passwords. LDAP=true as env var would be great.
from hubot-rocketchat.
@geekgonecrazy - exactly as @giray wrote ;-) you need to know we have LDAP enabled ;-)
from hubot-rocketchat.
So you would rather have the bot as a user on your ldap server instead of maybe being able to create a local user in like a bot section of the Rocket.Chat config?
Maybe a as easy as clicking Create Bot
and specifying a name, and it spitting out a username and password?
I just want to make sure LDAP is for sure something that is practical for the bot to be able to do. If it would be better in the long run to go the other route, then we can put more effort there.
from hubot-rocketchat.
@geekgonecrazy it would be much better if Rocket.Chat would enable LDAP + local accounts - I could have accounts for bots or other people that are not (and will not be) in our company LDAP..
from hubot-rocketchat.
@teon this is kind of what I suspected. I used to do some sys admin stuff and I don't think I would have ever wanted to create an ldap user for a bot.
Unless.... the bot needed to login to other systems on the network? Is this even feasible? Or would you expect to have to pass the credentials in another way to the bot to connect to that other system?
from hubot-rocketchat.
@geekgonecrazy you want to have central control of all accounts, that does not mean that you bot "service" accounts is able to log in anywhere else. If you allow local accounts you may loose control / overview of accounts on large sites.
from hubot-rocketchat.
Guys, please vote for this PR mondora/asteroid#87
from hubot-rocketchat.
Can you guys try the [email protected]
Now you can set the environment variable ROCKETCHAT_AUTH=ldap
from hubot-rocketchat.
Only works with the branch develop
of Rocket.Chat and will be merged on the 0.15.0
from hubot-rocketchat.
@engelgabriel works! thanks! will hubot-gitsy also work?
from hubot-rocketchat.
Yes. hubot-gitsy is independent of the adapter (hubot-rocketchat). Closing, verified by @teon.
from hubot-rocketchat.
I need this fix, but I'm waiting for the release. What do I need to get it working? (please, update the docs)
- Rocket.Chat 0.15.0 (not released yet)
- hubot-rocketchat 0.0.26
- Set
ROCKETCHAT_AUTH=ldap
Am I missing something?
from hubot-rocketchat.
Rocket.Chat 0.15.0 is released.
https://github.com/RocketChat/Rocket.Chat/releases/tag/0.15.0
from hubot-rocketchat.
I get the following error
hubot@13457f30d4c6:~$ bin/hubot -a rocketchat
[Wed Jan 27 2016 14:09:02 GMT+0000 (UTC)] INFO Starting Rocketchat adapter...
[Wed Jan 27 2016 14:09:02 GMT+0000 (UTC)] INFO Once connected to rooms I will respond to the name: rocketbot
[Wed Jan 27 2016 14:09:02 GMT+0000 (UTC)] INFO Connecting To: <removed-ip>
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] ERROR Error: listen EADDRINUSE
at exports._errnoException (util.js:746:11)
at Server._listen2 (net.js:1156:14)
at listen (net.js:1182:10)
at net.js:1280:9
at dns.js:85:18
at process._tickCallback (node.js:355:11)
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] INFO Successfully connected!
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] INFO general
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] INFO Logging In
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] ERROR Unable to Login: {"error":400,"reason":"Unrecognized options for login request","message":"Unrecognized options for login request [400]","errorType":"Meteor.Error"} Reason: Unrecognized options for login request
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] ERROR If joining GENERAL please make sure its using all caps.
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] ERROR If using LDAP, turn off LDAP, and turn on general user registration with email verification off.
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] ERROR {"error":400,"reason":"Unrecognized options for login request","message":"Unrecognized options for login request [400]","errorType":"Meteor.Error"}
[Wed Jan 27 2016 14:09:03 GMT+0000 (UTC)] ERROR Unable to complete setup. See https://github.com/RocketChat/hubot-rocketchat for more info.
LDAP is on and email verification is off. I tried running bin/hubot -a rocketchat
with LDAP off and email verification off, but I get the same error. All enviroment variables are set:
hubot@13457f30d4c6:~$ echo $ROCKETCHAT_ROOM
GENERAL
hubot@13457f30d4c6:~$ echo $ROCKETCHAT_USER
bot
hubot@13457f30d4c6:~$ echo $ROCKETCHAT_PASSWORD
bot
hubot@13457f30d4c6:~$ echo $ROCKETCHAT_AUTH
ldap
The bot was created on LDAP and was able to authenticate.
from hubot-rocketchat.
EADDRINUSE means that the port number which listen() tries to bind the server to is already in use.
So, in your case, there must be a server already running on the port you are trying to use for inbound connections to your hubbot.
But thats unrelated to the "Unrecognized options for login request". You must be running an old version or Rocket.Chat.
Check on your version of https://demo.rocket.chat/api/info to se the version.
from hubot-rocketchat.
@engelgabriel Ok, thank you. It's working!
from hubot-rocketchat.
Related Issues (20)
- Detect new user login at first time
- Use robot.adapter.CallMethod with custom method HOT 1
- Ability to define passwords using docker secrets
- Hubot sends output to the wrong channel HOT 3
- AttachmentMessage toString method bug
- Please make a new release tag for latest code
- Getting Error message message: 'User not found [403]', errorType: 'Meteor.Error' } HOT 1
- Unable to get DirectMessage
- The hubot does't connect with EC2 server using HTTP
- Occasional Lost Connection to Room
- Public room visible for user first login without permisison HOT 1
- chatbot not be able to answer to livechat
- ERROR TypeError: Cannot read property '_id' of undefined HOT 7
- Hubot can't login User not found [403] HOT 1
- Problem with push notifications showing encrypted message content.
- Make Tutorials
- ERROR ROCKETCHAT
- Query param support in im.list and groups.list
- Hubot 11 and hubot-rocketchat adapter
- Rocketchat hubot shows connected successfully but not showing green light in rocket.chat application
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hubot-rocketchat.