You are viewing a plain text version of this content. The canonical link for it is here.
Posted to oak-issues@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2015/05/21 02:38:59 UTC
[jira] [Commented] (OAK-2897) Regression - lookupOnValidate does
not work
[ https://issues.apache.org/jira/browse/OAK-2897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14553428#comment-14553428 ]
Tobias Bocanegra commented on OAK-2897:
---------------------------------------
also fixed in 1.0 branch in r1680711
> Regression - lookupOnValidate does not work
> -------------------------------------------
>
> Key: OAK-2897
> URL: https://issues.apache.org/jira/browse/OAK-2897
> Project: Jackrabbit Oak
> Issue Type: Improvement
> Components: auth-ldap
> Affects Versions: 1.2
> Reporter: Tobias Bocanegra
> Assignee: Tobias Bocanegra
> Priority: Minor
> Labels: docs-impacting, resilience
> Fix For: 1.4, 1.0.15
>
>
> regression of OAK-2783....
> On my local instance, I have tested the 4 combination of the new attributes in org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider
> @adminPool.lookupOnValidate (true)
> @userPool.lookupOnValidate (true)
> and found that only when both are set to true, I was able to login with credentials from LDAP server. see table below for time stamps of the four tested combinations.
> I have setup a test harness at http://10.36.65.137:4502. It is configured for LDAP server on my laptop, which provides user001 ... user010. All have same password, '1234'.
> Note: I have not repeated the above tests on the test harness due to time constraints.
> || time || adminPool.lookupOnValidate || userPool.lookupOnValidate || logon user001 ||
> | 16.05.2015 11:14:59.066 | false | true | NG @ 16.05.2015 11:16:37.431 (1) |
> | 16.05.2015 11:18:40.627 | false | false | NG @ 16.05.2015 11:19:54.971 (2) |
> | 16.05.2015 11:21:31.757 | true | false | NG @ ??. No error in LDAP.log. But username and pwd not match |
> | 16.05.2015 11:24:16.277 | true | true | OK |
> Excerpts from ldap.log
> {code}
> (1) 16.05.2015 11:16:37.435 *ERROR* [qtp2069601494-1250] org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider Error while connecting to the ldap server.
> java.util.NoSuchElementException: Could not create a validated object, cause: ValidateObject failed
> (2) 16.05.2015 11:19:54.971 *ERROR* [qtp2069601494-1249] org.apache.jackrabbit.oak.security.authentication.ldap.impl.LdapIdentityProvider Error while connecting to the ldap server.
> java.util.NoSuchElementException: Could not create a validated object, cause: ValidateObject failed
> at org.apache.commons.pool.impl.GenericObjectPool.borrowObject(GenericObjectPool.java:1233)
> at org.apache.directory.ldap.client.api.LdapConnectionPool.getConnection(LdapConnectionPool.java:56)
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)