You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@archiva.apache.org by "Rabe, Jens" <je...@iwes.fraunhofer.de> on 2014/07/16 18:23:09 UTC

Redback LDAP does not find any groups; NPEs on the logs

Hello,

I have the following problem:

I set up an OpenLDAP server, and created the following organizational units:
ou=groups,dc=mycompany,dc=com
ou=people,dc=mycompany,dc=com

In the groups OU I created two POSIX groups, in the people OU I created some users.

Now, I configured Redback the following:
host - my LDAP host
port - 389
Writable - disabled
baseDN - ou=people,dc=mycompany,dc=com
Base DN for groups - ou=groups,dc=mycompany,dc=com
bindDN - cn=admin,dc=mycompany,dc=com
password - the password for the admin account

I left all other fields at the defaults. When I click "Verify LDAP changes" the connection succeeds. After clicking "Save" and "Verify LDAP configuration on server side" there is a success, too.

Now, when I go to LDAP/Roles Mapping, the LDAP groups field does not pick up the groups I created in ou=groups, and when I save and drag the LDAP user manager and RBac manager, I get:

An error has happened you must contact the administrator to check the logs.

This is caused by the following exception (Stack trace abbreviated):
INFO   | jvm 1    | 2014/07/16 18:20:44 | java.lang.NullPointerException
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at javax.naming.NameImpl.<init>(NameImpl.java:281)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at javax.naming.CompositeName.<init>(CompositeName.java:231)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:339)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.archiva.redback.common.ldap.role.DefaultLdapRoleMapper.getAllGroups(DefaultLdapRoleMapper.java:143)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.archiva.redback.rest.services.DefaultLdapGroupMappingService.getLdapGroups(DefaultLdapGroupMappingService.java:79)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at java.lang.reflect.Method.invoke(Method.java:606)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:165)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:89)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:239)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:213)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:131)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:266)
INFO   | jvm 1    | 2014/07/16 18:20:44 |     at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:191)

What am I missing? It is probably something I am missing on the LDAP server, could anyone please point me to the solution?

Thanks,
Jens

Re: Redback LDAP does not find any groups; NPEs on the logs

Posted by Jonathan Sharp <fo...@gmail.com>.

Hi Jens,

I was eventually able to reproduce this NPE with the jetty/console against
a local openLDAP install. For me, restarting the console caused the error
message to disappear and the groups I created to appear in the drop-down
under LDAP/Roles Mapping. However, I was using inetOrgPerson and
groupOfUniqueNames object classes in my ldap directory. Also, there were
other issues I had to work around after that...

Do you have a need to use posix groups? There is additional configuration
you will have to do in /conf/archiva.xml to make them work, as per this bug
report:
http://jira.codehaus.org/browse/MRM-1810

Best,

-Jon


On Wed, Jul 16, 2014 at 9:23 AM, Rabe, Jens <je...@iwes.fraunhofer.de>
wrote:

> Hello,
>
> I have the following problem:
>
> I set up an OpenLDAP server, and created the following organizational
> units:
> ou=groups,dc=mycompany,dc=com
> ou=people,dc=mycompany,dc=com
>
> In the groups OU I created two POSIX groups, in the people OU I created
> some users.
>
> Now, I configured Redback the following:
> host - my LDAP host
> port - 389
> Writable - disabled
> baseDN - ou=people,dc=mycompany,dc=com
> Base DN for groups - ou=groups,dc=mycompany,dc=com
> bindDN - cn=admin,dc=mycompany,dc=com
> password - the password for the admin account
>
> I left all other fields at the defaults. When I click "Verify LDAP
> changes" the connection succeeds. After clicking "Save" and "Verify LDAP
> configuration on server side" there is a success, too.
>
> Now, when I go to LDAP/Roles Mapping, the LDAP groups field does not pick
> up the groups I created in ou=groups, and when I save and drag the LDAP
> user manager and RBac manager, I get:
>
> An error has happened you must contact the administrator to check the logs.
>
> This is caused by the following exception (Stack trace abbreviated):
> INFO   | jvm 1    | 2014/07/16 18:20:44 | java.lang.NullPointerException
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> javax.naming.NameImpl.<init>(NameImpl.java:281)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> javax.naming.CompositeName.<init>(CompositeName.java:231)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:339)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.archiva.redback.common.ldap.role.DefaultLdapRoleMapper.getAllGroups(DefaultLdapRoleMapper.java:143)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.archiva.redback.rest.services.DefaultLdapGroupMappingService.getLdapGroups(DefaultLdapGroupMappingService.java:79)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> java.lang.reflect.Method.invoke(Method.java:606)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:165)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:89)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:237)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:239)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:213)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:131)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:266)
> INFO   | jvm 1    | 2014/07/16 18:20:44 |     at
> org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:191)
>
> What am I missing? It is probably something I am missing on the LDAP
> server, could anyone please point me to the solution?
>
> Thanks,
> Jens
>
>