Authentication problem with Sugar plugin

Hello, Trying to do some first-time mautic setup and I’m having problems with the SugarCRM plugin and authentication.



Mautic is 1.2.2 and SugarCRM is 6.5.15.



I created a new user ‘sugarmautic’ in our AD backend which we use for authentication. Tested authentication to sugar in the browser with that username/password pair - all OK.



When the plugin is configured, when clicking “Authorize App” button the error message returned is:

Quote:
Authorization failed with the error message, 'Login attempt failed please check the username and password'

The corresponds to the mautic log file:
Code:
[2015-12-03 17:28:45] mautic.ERROR: INTEGRATION ERROR: Sugarcrm - Login attempt failed please check the username and password [] []

In the apache access log used to front-end the SugarCRM instance I see this (after URL decoding and a little security obfuscation):
Code:
192.168.20.218 - - [03/Dec/2015:17:28:53 0000] "GET //service/v4_1/rest.php?method=login&input_type=JSON&response_type=JSON&rest_data={"user_auth":{"user_name":"sugarmautic","password":"0111111111111111111","version":"1"},"application_name":"Mautic","name_value_list":[],"method":"login","input_type":"JSON","response_type":"JSON"} HTTP/1.1" 200 112

Finally the last thing I'm seeing is from the Apache error_log (repetition truncated):
Code:
[Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Invalid credentials in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/LDAPAuthenticate/LDAPAuthenticateUser.php on line 94, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm [Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Warning: ldap_bind() [function.ldap-bind]: Unable to bind to server: Invalid credentials in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/LDAPAuthenticate/LDAPAuthenticateUser.php on line 101, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm [Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Notice: Undefined variable: res in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php on line 101, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm [Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Notice: Undefined variable: res in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php on line 101, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm

I'm not a PHP programmer so I'm unsure how to diagnose/test further and suggestions would be appreciated?

One final thought - we are using SugarCRM hooked up to LDAP (AD) for authentication - it's working in the browser, but could it be causing the problems here?

Thanks,

Nigel

Hello, Trying to do some first-time mautic setup and I’m having problems with the SugarCRM plugin and authentication.

Mautic is 1.2.2 and SugarCRM is 6.5.15.

I created a new user ‘sugarmautic’ in our AD backend which we use for authentication. Tested authentication to sugar in the browser with that username/password pair - all OK.

When the plugin is configured, when clicking “Authorize App” button the error message returned is:

The corresponds to the mautic log file:

[2015-12-03 17:28:45] mautic.ERROR: INTEGRATION ERROR: Sugarcrm - Login attempt failed please check the username and password [] []

In the apache access log used to front-end the SugarCRM instance I see this (after URL decoding and a little security obfuscation):

192.168.20.218 - - [03/Dec/2015:17:28:53 0000] "GET //service/v4_1/rest.php?method=login&input_type=JSON&response_type=JSON&rest_data={"user_auth":{"user_name":"sugarmautic","password":"0111111111111111111","version":"1"},"application_name":"Mautic","name_value_list":[],"method":"login","input_type":"JSON","response_type":"JSON"} HTTP/1.1" 200 112

Finally the last thing I’m seeing is from the Apache error_log (repetition truncated):

[Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Warning: ldap_bind() [<a href='function.ldap-bind'>function.ldap-bind</a>]: Unable to bind to server: Invalid credentials in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/LDAPAuthenticate/LDAPAuthenticateUser.php on line 94, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm [Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Warning: ldap_bind() [<a href='function.ldap-bind'>function.ldap-bind</a>]: Unable to bind to server: Invalid credentials in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/LDAPAuthenticate/LDAPAuthenticateUser.php on line 101, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm [Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Notice: Undefined variable: res in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php on line 101, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm [Thu Dec 03 17:28:53 2015] [error] [client 192.168.20.218] PHP Notice: Undefined variable: res in /usr/local/websites/sugarcrm/content/sugar/modules/Users/authentication/SugarAuthenticate/SugarAuthenticate.php on line 101, referer: /index.php/s/plugins/integrations/authcallback/Sugarcrm

I’m not a PHP programmer so I’m unsure how to diagnose/test further and suggestions would be appreciated?

One final thought - we are using SugarCRM hooked up to LDAP (AD) for authentication - it’s working in the browser, but could it be causing the problems here?

Thanks,

Nigel

Hi, all the reported errors says that some of the credentials are not correct. There is no error in Mautic itself. Please, edit the logs you’ve copy/pasted and remove your username and password. It’s not safe to publish it to the internet like this.

Hi, I’ve triple checked the credentials and also got two other people to check them. We can use the same credentials to login to sugar via the browser.

I agree that it may not be a mautic problem, but easily could an issue in sugar. We’re a few versions out of date - latest sugar is 6.5.22.

There’s a few things I could try next: write some code to test the OAuth login to sugar, looking at the communication over the wire and perhaps do a sugar upgrade to .22.

The above logs have the user/password changed/obfuscated. The times and rfc1918 address is real, but well hidden behind our firewall.

Thanks,

Nigel

Hi,

We found a resolution to this. By further testing we found the sugar plugin only worked with sugar when it was using its built-in authentication store, not when sugar was using an LDAP directory such as AD.

Our work-around for this problem was to temporarily disconnect LDAP authentication in Sugar, create a local user for the credentials and then reestablish our LDAP connection for our normal users. The sugar auth code uses some form of fallback and so the locally stored credentials then do work with mautic.

Hope this is useful,

Nigel