Posted to dev@directory.apache.org by "Shawn McKinney (Jira)" <ji...@apache.org> on 2021/06/22 16:05:00 UTC
[jira] [Comment Edited] (FC-238) Migrate to LDAP API 2.0
[ https://issues.apache.org/jira/browse/FC-238?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17367342#comment-17367342 ]
Shawn McKinney edited comment on FC-238 at 6/22/21, 4:04 PM:
-------------------------------------------------------------
Renewing this work. Here are the problem areas:

1. LDAP connection pool (LdapConnectionProvider)

    PooledObjectFactory<LdapConnection> poolFactory = new ValidatingPoolableLdapConnectionFactory( config );
    //PoolableObjectFactory<LdapConnection> poolFactory = new ValidatingPoolableLdapConnectionFactory( config );
    //adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
    //adminPool.setMaxActive( max );
    // have substituted with these:
    adminPool.setMaxTotal( max );
    adminPool.setBlockWhenExhausted( true );
    adminPool.setMaxWaitMillis( 5000 );

2. Relax Control (LdapDataProvider)

    if ( setRelaxControl )
    {
        addRequest.addControl( new RelaxControlImpl() );
    }

    : ERR_08002_CANNOT_FIND_CONTROL_FACTORY failed to find a control factory for control OID: 1.3.6.1.4.1.4203.666.5.12
    2021-06-21 17:05:027 WARN LdapNetworkConnection:2478 - org.apache.directory.api.asn1.EncoderException: ERR_08002_CANNOT_FIND_CONTROL_FACTORY failed to find a control factory for control OID: 1.3.6.1.4.1.4203.666.5.12
    org.apache.mina.filter.codec.ProtocolEncoderException: org.apache.directory.api.asn1.EncoderException: ERR_08002_CANNOT_FIND_CONTROL_FACTORY failed to find a control factory for control OID: 1.3.6.1.4.1.4203.666.5.12

3. PW Policy Control (LdapDataProvider)

    protected PasswordPolicy getPwdRespCtrl(Response resp )
    {
        //Control control = resp.getControls().get( PP_REQ_CTRL.getOid() );
        Control control = resp.getControls().get( "1.3.6.1.4.1.42.2.27.8.5.1" );
        if ( control == null )
        {
            return null;
        }
        return ( ( PasswordPolicyDecorator ) control ).getDecorated();
    }

4. RBAC Accelerator Extended Ops (LdapConnectionProvider)

    List<String> listExOps = new ArrayList<>();
    listExOps.add( "org.openldap.accelerator.impl.createSession.RbacCreateSessionFactory" );
    listExOps.add( "org.openldap.accelerator.impl.checkAccess.RbacCheckAccessFactory" );
    listExOps.add( "org.openldap.accelerator.impl.addRole.RbacAddRoleFactory" );
    listExOps.add( "org.openldap.accelerator.impl.dropRole.RbacDropRoleFactory" );
    listExOps.add( "org.openldap.accelerator.impl.deleteSession.RbacDeleteSessionFactory" );
    listExOps.add( "org.openldap.accelerator.impl.sessionRoles.RbacSessionRolesFactory" );
    LdapApiService ldapApiService = new StandaloneLdapApiService( new ArrayList<String>(), listExOps );
    if ( !LdapApiServiceFactory.isInitialized() )
    {
        LdapApiServiceFactory.initialize( ldapApiService );
    }
    config.setLdapApiService( ldapApiService );

was (Author: smckinney):
Renewing this work. Here are the problem areas:

1. LDAP connection pool (LdapConnectionProvider)

    PooledObjectFactory<LdapConnection> poolFactory = new ValidatingPoolableLdapConnectionFactory( config );
    //PoolableObjectFactory<LdapConnection> poolFactory = new ValidatingPoolableLdapConnectionFactory( config );
    //adminPool.setWhenExhaustedAction( GenericObjectPool.WHEN_EXHAUSTED_GROW );
    //adminPool.setMaxActive( max );

2. Relax Control (LdapDataProvider)

    if ( setRelaxControl )
    {
        addRequest.addControl( new RelaxControlImpl() );
    }

    : ERR_08002_CANNOT_FIND_CONTROL_FACTORY failed to find a control factory for control OID: 1.3.6.1.4.1.4203.666.5.12
    2021-06-21 17:05:027 WARN LdapNetworkConnection:2478 - org.apache.directory.api.asn1.EncoderException: ERR_08002_CANNOT_FIND_CONTROL_FACTORY failed to find a control factory for control OID: 1.3.6.1.4.1.4203.666.5.12
    org.apache.mina.filter.codec.ProtocolEncoderException: org.apache.directory.api.asn1.EncoderException: ERR_08002_CANNOT_FIND_CONTROL_FACTORY failed to find a control factory for control OID: 1.3.6.1.4.1.4203.666.5.12

3. PW Policy Control (LdapDataProvider)

    protected PasswordPolicy getPwdRespCtrl(Response resp )
    {
        //Control control = resp.getControls().get( PP_REQ_CTRL.getOid() );
        Control control = resp.getControls().get( "1.3.6.1.4.1.42.2.27.8.5.1" );
        if ( control == null )
        {
            return null;
        }
        return ( ( PasswordPolicyDecorator ) control ).getDecorated();
    }

4. RBAC Accelerator Extended Ops (LdapConnectionProvider)

    List<String> listExOps = new ArrayList<>();
    listExOps.add( "org.openldap.accelerator.impl.createSession.RbacCreateSessionFactory" );
    listExOps.add( "org.openldap.accelerator.impl.checkAccess.RbacCheckAccessFactory" );
    listExOps.add( "org.openldap.accelerator.impl.addRole.RbacAddRoleFactory" );
    listExOps.add( "org.openldap.accelerator.impl.dropRole.RbacDropRoleFactory" );
    listExOps.add( "org.openldap.accelerator.impl.deleteSession.RbacDeleteSessionFactory" );
    listExOps.add( "org.openldap.accelerator.impl.sessionRoles.RbacSessionRolesFactory" );
    LdapApiService ldapApiService = new StandaloneLdapApiService( new ArrayList<String>(), listExOps );
    if ( !LdapApiServiceFactory.isInitialized() )
    {
        LdapApiServiceFactory.initialize( ldapApiService );
    }
    config.setLdapApiService( ldapApiService );

> Migrate to LDAP API 2.0
> -----------------------
>
> Key: FC-238
> URL: https://issues.apache.org/jira/browse/FC-238
> Project: FORTRESS
> Issue Type: Improvement
> Affects Versions: 2.0.1
> Reporter: Shawn McKinney
> Assignee: Shawn McKinney
> Priority: Major
> Fix For: 2.0.6
>
>
> The code compiles, but gets NPE when fortress tries to open a pool to the server
> ******
> Steps to recreate.
> # Get fortress env, checkout latest, follow the steps in DOCKER README to get either openldap or apacheds server up.
> # You may skip the junit tests, do the data loads, i.e. mvn test -Pload.file=
> ## in order to verify the env is running correctly run this test:
> ### mvn test -Pconsole <-- should be no errors
> # Now checkout the code that is using ldap api 2.0.0
> ## git checkout 7fdd12f6aef06c43817c6f6a71baeb67f9e19000
> # connect with fortress console:
> ## mvn test -Pconsole
> Get the error:
>
> 2018-07-30 11:25:054 INFO CodecFactoryUtil:404 - MSG_06002_REGISTERED_INTERMEDIATE_FACTORY (1.3.6.1.4.1.4203.1.9.1.4)
> [WARNING]
> org.apache.directory.fortress.core.CfgRuntimeException: Exception caught initializing Admin Pool: java.lang.NullPointerException, errCode=135
> at org.apache.directory.fortress.core.ldap.LdapConnectionProvider.init(LdapConnectionProvider.java:191)
> at org.apache.directory.fortress.core.ldap.LdapConnectionProvider.<init>(LdapConnectionProvider.java:116)
> at org.apache.directory.fortress.core.ldap.LdapConnectionProvider.getInstance(LdapConnectionProvider.java:103)
> at org.apache.directory.fortress.core.ldap.LdapDataProvider.closeAdminConnection(LdapDataProvider.java:1215)
> at org.apache.directory.fortress.core.impl.ConfigDAO.getConfig(ConfigDAO.java:327)
> at org.apache.directory.fortress.core.impl.ConfigP.read(ConfigP.java:175)
> at org.apache.directory.fortress.core.impl.ConfigMgrImpl.read(ConfigMgrImpl.java:102)
> at org.apache.directory.fortress.core.util.Config.getRemoteConfig(Config.java:377)
> at org.apache.directory.fortress.core.util.Config.loadRemoteConfig(Config.java:655)
> at org.apache.directory.fortress.core.util.Config.getInstance(Config.java:101)
> at org.apache.directory.fortress.core.AdminMgrFactory.createInstance(AdminMgrFactory.java:68)
> at org.apache.directory.fortress.core.AdminMgrConsole.<init>(AdminMgrConsole.java:74)
> at org.apache.directory.fortress.core.ProcessMenuCommand.<init>(ProcessMenuCommand.java:38)
> at org.apache.directory.fortress.core.FortressConsole.main(FortressConsole.java:38)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:282)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: java.lang.NullPointerException
> at org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService.loadControls(StandaloneLdapApiService.java:313)
> at org.apache.directory.api.ldap.codec.standalone.StandaloneLdapApiService.<init>(StandaloneLdapApiService.java:174)
> at org.apache.directory.fortress.core.ldap.LdapConnectionProvider.init(LdapConnectionProvider.java:180)
> ... 19 more