You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Francesco Chicchiriccò <il...@apache.org> on 2018/09/20 06:42:34 UTC
Re: Ldap pull task fail if one or more of ldap users have uid like
this "Na\\\me" or "Na\me"
On 18/09/2018 15:14, Alex123 wrote:
> Hi!
> Syncope 2.1.1
> net.tirasa.connid.bundles.ldap 1.5.2
> Ldap pull task fail if one or more ldap users have uid like this "Na\\\me"
Hi,
the exception is raised by the LDAP Connector (and only cascades on
Syncope), on this line:
https://github.com/Tirasa/ConnIdLDAPBundle/blob/master/src/main/java/net/tirasa/connid/bundles/ldap/commons/LdapUtil.java#L191
...because of an InvalidNameException - pretty much clear, no?
Regards.
> org.quartz.JobExecutionException: While pulling from connector [See nested
> exception: java.lang.IllegalArgumentException: Not a valid attribute string
> value:adeve\\\\\\\\\\\loper,improper usage of backslash]
> at
> org.apache.syncope.core.provisioning.java.pushpull.PullJobDelegate.doExecuteProvisioning(PullJobDelegate.java:365)
> at
> org.apache.syncope.core.provisioning.java.pushpull.PullJobDelegate.doExecuteProvisioning(PullJobDelegate.java:67)
> at
> org.apache.syncope.core.provisioning.java.pushpull.AbstractProvisioningJobDelegate.doExecute(AbstractProvisioningJobDelegate.java:553)
> at
> org.apache.syncope.core.provisioning.java.job.AbstractSchedTaskJobDelegate.execute(AbstractSchedTaskJobDelegate.java:120)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:197)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
> at
> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:294)
> at
> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
> at
> org.apache.syncope.core.persistence.jpa.spring.DomainTransactionInterceptor.invoke(DomainTransactionInterceptor.java:60)
> at
> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)
> at
> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
> at com.sun.proxy.$Proxy385.execute(Unknown Source)
> at
> org.apache.syncope.core.provisioning.java.job.TaskJob.lambda$execute$0(TaskJob.java:87)
> at
> org.apache.syncope.core.spring.security.AuthContextUtils.execWithAuthContext(AuthContextUtils.java:126)
> at
> org.apache.syncope.core.provisioning.java.job.TaskJob.execute(TaskJob.java:76)
> at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
> at
> org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)
> Caused by: java.lang.IllegalArgumentException: Not a valid attribute string
> value:adeve\\\\\\\\\\\loper,improper usage of backslash
> at javax.naming.ldap.Rdn.unescapeValue(Rdn.java:654)
> at javax.naming.ldap.Rfc2253Parser.doParse(Rfc2253Parser.java:118)
> at javax.naming.ldap.Rfc2253Parser.parseDn(Rfc2253Parser.java:70)
> at javax.naming.ldap.LdapName.parse(LdapName.java:785)
> at javax.naming.ldap.LdapName.<init>(LdapName.java:123)
> at
> net.tirasa.connid.bundles.ldap.commons.LdapUtil.quietCreateLdapName(LdapUtil.java:191)
> at
> net.tirasa.connid.bundles.ldap.commons.LdapEntry.join(LdapEntry.java:73)
> at
> net.tirasa.connid.bundles.ldap.commons.LdapEntry.access$000(LdapEntry.java:43)
> at
> net.tirasa.connid.bundles.ldap.commons.LdapEntry$SearchResultBased.getDN(LdapEntry.java:131)
> at
> net.tirasa.connid.bundles.ldap.schema.LdapSchemaMapping.createName(LdapSchemaMapping.java:286)
> at
> net.tirasa.connid.bundles.ldap.search.LdapSearch.createConnectorObject(LdapSearch.java:262)
> at
> net.tirasa.connid.bundles.ldap.search.LdapSearch.access$000(LdapSearch.java:67)
> at
> net.tirasa.connid.bundles.ldap.search.LdapSearch$1.handle(LdapSearch.java:141)
> at
> net.tirasa.connid.bundles.ldap.search.PagedSearchStrategy.doSearch(PagedSearchStrategy.java:128)
> at
> net.tirasa.connid.bundles.ldap.search.LdapInternalSearch.execute(LdapInternalSearch.java:67)
> at
> net.tirasa.connid.bundles.ldap.search.LdapSearch.execute(LdapSearch.java:137)
> at
> net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:136)
> at
> net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:57)
> at
> org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:171)
> at
> org.identityconnectors.framework.impl.api.local.operations.SearchImpl.search(SearchImpl.java:130)
> at sun.reflect.GeneratedMethodAccessor762.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:98)
> at com.sun.proxy.$Proxy389.search(Unknown Source)
> at sun.reflect.GeneratedMethodAccessor762.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
> at com.sun.proxy.$Proxy389.search(Unknown Source)
> at sun.reflect.GeneratedMethodAccessor762.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsProxy.java:165)
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
Re: Ldap pull task fail if one or more of ldap users have uid like
this "Na\\\me" or "Na\me"
Posted by Francesco Chicchiriccò <il...@apache.org>.
On 20/09/2018 09:38, Alex123 wrote:
> Thank you for your answers.
>
> The root of problem is clear for me.
> But there is more specific questions
> - How to override target classes?
> - And why fail of one Ldap user breaks hole search response from Ldap
> connector?
It does so because the controller raises an unchecked exception - I
agree that the it could behave differently.
> I could not override javax.naming.ldap.Rdn with my own implementation.
> Also I could not override net.tirasa.connid.bundles.ldap.commons.LdapUtil
> class because ldap connector provided as standalone jar and is loaded to JVM
> in run-time.
You have always the option to fork the LDAP connector, make your wanted
changes (possibly changing bundles coordinates or simply version) and
use your own with Syncope [1].
Or you can try other LDAP connectors out there compatible with ConnId.
Regards.
[1]
http://syncope.apache.org/docs/2.1/reference-guide.html#install-connector-bundles
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
Re: Ldap pull task fail if one or more of ldap users have uid like
this "Na\\\me" or "Na\me"
Posted by Alex123 <my...@gmail.com>.
Thank you for your answers.
The root of problem is clear for me.
But there is more specific questions
- How to override target classes?
- And why fail of one Ldap user breaks hole search response from Ldap
connector?
I could not override javax.naming.ldap.Rdn with my own implementation.
Also I could not override net.tirasa.connid.bundles.ldap.commons.LdapUtil
class because ldap connector provided as standalone jar and is loaded to JVM
in run-time.
Thank you in advance for your help!
--
Sent from: http://syncope-user.1051894.n5.nabble.com/
Re: Ldap pull task fail if one or more of ldap users have uid like
this "Na\\\me" or "Na\me"
Posted by Andrea Patricelli <an...@apache.org>.
Hi,
in favor of what Francesco said, according to the Rdn implementation
ever tries to remove backslashes like non useful characters.
As workaround (to test) you could try to put 4 backslashes for each
backslash that you want to add, but it is not advisable to use them.
Best regards,
Andrea
Il 20/09/2018 08:42, Francesco Chicchiriccò ha scritto:
> On 18/09/2018 15:14, Alex123 wrote:
>> Hi!
>> Syncope 2.1.1
>> net.tirasa.connid.bundles.ldap 1.5.2
>> Ldap pull task fail if one or more ldap users have uid like this
>> "Na\\\me"
>
> Hi,
> the exception is raised by the LDAP Connector (and only cascades on
> Syncope), on this line:
>
> https://github.com/Tirasa/ConnIdLDAPBundle/blob/master/src/main/java/net/tirasa/connid/bundles/ldap/commons/LdapUtil.java#L191
>
>
> ...because of an InvalidNameException - pretty much clear, no?
>
> Regards.
>
>> org.quartz.JobExecutionException: While pulling from connector [See
>> nested
>> exception: java.lang.IllegalArgumentException: Not a valid attribute
>> string
>> value:adeve\\\\\\\\\\\loper,improper usage of backslash]
>> at
>> org.apache.syncope.core.provisioning.java.pushpull.PullJobDelegate.doExecuteProvisioning(PullJobDelegate.java:365)
>>
>> at
>> org.apache.syncope.core.provisioning.java.pushpull.PullJobDelegate.doExecuteProvisioning(PullJobDelegate.java:67)
>>
>> at
>> org.apache.syncope.core.provisioning.java.pushpull.AbstractProvisioningJobDelegate.doExecute(AbstractProvisioningJobDelegate.java:553)
>>
>> at
>> org.apache.syncope.core.provisioning.java.job.AbstractSchedTaskJobDelegate.execute(AbstractSchedTaskJobDelegate.java:120)
>>
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at
>> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343)
>>
>> at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:197)
>>
>> at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
>>
>> at
>> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:294)
>>
>> at
>> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:98)
>>
>> at
>> org.apache.syncope.core.persistence.jpa.spring.DomainTransactionInterceptor.invoke(DomainTransactionInterceptor.java:60)
>>
>> at
>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185)
>>
>> at
>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:212)
>>
>> at com.sun.proxy.$Proxy385.execute(Unknown Source)
>> at
>> org.apache.syncope.core.provisioning.java.job.TaskJob.lambda$execute$0(TaskJob.java:87)
>>
>> at
>> org.apache.syncope.core.spring.security.AuthContextUtils.execWithAuthContext(AuthContextUtils.java:126)
>>
>> at
>> org.apache.syncope.core.provisioning.java.job.TaskJob.execute(TaskJob.java:76)
>>
>> at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
>> at
>> org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)
>>
>> Caused by: java.lang.IllegalArgumentException: Not a valid attribute
>> string
>> value:adeve\\\\\\\\\\\loper,improper usage of backslash
>> at javax.naming.ldap.Rdn.unescapeValue(Rdn.java:654)
>> at javax.naming.ldap.Rfc2253Parser.doParse(Rfc2253Parser.java:118)
>> at javax.naming.ldap.Rfc2253Parser.parseDn(Rfc2253Parser.java:70)
>> at javax.naming.ldap.LdapName.parse(LdapName.java:785)
>> at javax.naming.ldap.LdapName.<init>(LdapName.java:123)
>> at
>> net.tirasa.connid.bundles.ldap.commons.LdapUtil.quietCreateLdapName(LdapUtil.java:191)
>>
>> at
>> net.tirasa.connid.bundles.ldap.commons.LdapEntry.join(LdapEntry.java:73)
>> at
>> net.tirasa.connid.bundles.ldap.commons.LdapEntry.access$000(LdapEntry.java:43)
>>
>> at
>> net.tirasa.connid.bundles.ldap.commons.LdapEntry$SearchResultBased.getDN(LdapEntry.java:131)
>>
>> at
>> net.tirasa.connid.bundles.ldap.schema.LdapSchemaMapping.createName(LdapSchemaMapping.java:286)
>>
>> at
>> net.tirasa.connid.bundles.ldap.search.LdapSearch.createConnectorObject(LdapSearch.java:262)
>>
>> at
>> net.tirasa.connid.bundles.ldap.search.LdapSearch.access$000(LdapSearch.java:67)
>>
>> at
>> net.tirasa.connid.bundles.ldap.search.LdapSearch$1.handle(LdapSearch.java:141)
>>
>> at
>> net.tirasa.connid.bundles.ldap.search.PagedSearchStrategy.doSearch(PagedSearchStrategy.java:128)
>>
>> at
>> net.tirasa.connid.bundles.ldap.search.LdapInternalSearch.execute(LdapInternalSearch.java:67)
>>
>> at
>> net.tirasa.connid.bundles.ldap.search.LdapSearch.execute(LdapSearch.java:137)
>>
>> at
>> net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:136)
>>
>> at
>> net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:57)
>>
>> at
>> org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:171)
>>
>> at
>> org.identityconnectors.framework.impl.api.local.operations.SearchImpl.search(SearchImpl.java:130)
>>
>> at sun.reflect.GeneratedMethodAccessor762.invoke(Unknown Source)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at
>> org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:98)
>>
>> at com.sun.proxy.$Proxy389.search(Unknown Source)
>> at sun.reflect.GeneratedMethodAccessor762.invoke(Unknown Source)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at
>> org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
>>
>> at com.sun.proxy.$Proxy389.search(Unknown Source)
>> at sun.reflect.GeneratedMethodAccessor762.invoke(Unknown Source)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at
>> org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsProxy.java:165)
>>
>
--
Dott. Andrea Patricelli
Tel. +39 3204524292
Engineer @ Tirasa S.r.l.
Viale Vittoria Colonna 97 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net
Apache Syncope PMC Member