RE: Users and Roles definition with LDAP

Wed, 05 Dec 2007 04:42:41 -0800 

Hey Alberto,
 
Somehow the user principal name is null, the first where it happens to break is 
the hashCode() function of the user principal class. There can be several 
reasons for this : 
 
* a misconfiguration in your ldap config. Can you check this construction 
parameter in your spring LDAP config file:
<!-- The UidAttribute. -->

<constructor-arg index="25"><value>cn</value></constructor-arg>

Is this the correct value? For example, if your user DN looks like: 
o=sevenSeas,ou=foo,cn=admin  then the value should be "cn".

*  you have set an incorrect user DN value on the RoleMembership attribute. 
Jetspeed tries to resolve the user principal name from that DN, by looking up 
the part of after the uid attribute ( ... , cn=..).   

 

Anyway, I think you  found a bug in one of the LDAP classes, I think principals 
with name null should never be created :)  I'm going to make a patch for this.

thanks,

Dennis


 

________________________________

Van: Alberto Troisi [mailto:[EMAIL PROTECTED]
Verzonden: wo 5-12-2007 12:06
Aan: Jetspeed Users List
Onderwerp: Re: Users and Roles definition with LDAP



Hi Dennis,
thanks for your answer and sorry for my delay. This is the exception
stacktrace:

2007-12-05 11:55:11,750 [http-8080-Processor23] ERROR
org.apache.portals.gems.browser.BrowserPortlet - Exception
java.lang.NullPointerException
    at
org.apache.jetspeed.security.impl.BasePrincipalImpl.hashCode(BasePrincipalImpl.java:75)
    at java.util.HashMap.put(HashMap.java:418)
    at java.util.HashSet.add(HashSet.java:194)
    at
org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler.getUserPrincipalsInRole(LdapSecurityMappingHandler.java:326)
    at
org.apache.jetspeed.security.spi.impl.LdapSecurityMappingHandler.getUserPrincipalsInRole(LdapSecurityMappingHandler.java:252)
    at
org.apache.jetspeed.security.impl.UserManagerImpl.getUsersInRole(UserManagerImpl.java:460)
    at
org.apache.jetspeed.portlets.security.roles.RoleDetails.getRows(RoleDetails.java:109)
    at
org.apache.jetspeed.portlets.security.roles.RoleDetails.getRows(RoleDetails.java:81)
    at
org.apache.portals.gems.browser.BrowserPortlet.doView(BrowserPortlet.java:189)
    at
org.apache.jetspeed.portlets.security.roles.RoleDetails.doView(RoleDetails.java:174)
    at javax.portlet.GenericPortlet.doDispatch(GenericPortlet.java:247)
    at javax.portlet.GenericPortlet.render(GenericPortlet.java:175)
    at
org.apache.portals.bridges.velocity.GenericVelocityPortlet.render(GenericVelocityPortlet.java:164)
    at
org.apache.jetspeed.factory.JetspeedPortletInstance.render(JetspeedPortletInstance.java:103)
    at
org.apache.jetspeed.container.JetspeedContainerServlet.doGet(JetspeedContainerServlet.java:265)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
    at
org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)
    at
org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)
    at
org.apache.jetspeed.container.invoker.ServletPortletInvoker.invoke(ServletPortletInvoker.java:245)
    at
org.apache.jetspeed.container.invoker.ServletPortletInvoker.render(ServletPortletInvoker.java:128)
    at
org.apache.pluto.PortletContainerImpl.renderPortlet(PortletContainerImpl.java:119)
    at
org.apache.jetspeed.container.JetspeedPortletContainerWrapper.renderPortlet(JetspeedPortletContainerWrapper.java:121)
    at
org.apache.jetspeed.aggregator.impl.RenderingJobImpl.execute(RenderingJobImpl.java:242)
    at
org.apache.jetspeed.aggregator.impl.PortletRendererImpl.renderNow(PortletRendererImpl.java:226)
    at
org.apache.jetspeed.aggregator.impl.PageAggregatorImpl.aggregateAndRender(PageAggregatorImpl.java:147)
    at
org.apache.jetspeed.aggregator.impl.PageAggregatorImpl.aggregateAndRender(PageAggregatorImpl.java:143)
    at
org.apache.jetspeed.aggregator.impl.PageAggregatorImpl.build(PageAggregatorImpl.java:78)
    at
org.apache.jetspeed.aggregator.AggregatorValve.invoke(AggregatorValve.java:46)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.aggregator.HeaderAggregatorValve.invoke(HeaderAggregatorValve.java:53)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.decoration.DecorationValve.invoke(DecorationValve.java:130)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.resource.ResourceValveImpl.invoke(ResourceValveImpl.java:130)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.pipeline.valve.impl.ActionValveImpl.invoke(ActionValveImpl.java:184)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.container.ContainerValve.invoke(ContainerValve.java:104)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.profiler.impl.ProfilerValveImpl.invoke(ProfilerValveImpl.java:248)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.security.impl.LoginValidationValveImpl.invoke(LoginValidationValveImpl.java:159)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.security.impl.PasswordCredentialValveImpl.invoke(PasswordCredentialValveImpl.java:150)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.localization.impl.LocalizationValveImpl.invoke(LocalizationValveImpl.java:170)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.security.impl.AbstractSecurityValve$1.run(AbstractSecurityValve.java:138)
    at java.security.AccessController.doPrivileged(Native Method)
    at javax.security.auth.Subject.doAsPrivileged(Subject.java:454)
    at
org.apache.jetspeed.security.JSSubject.doAsPrivileged(JSSubject.java:179)
    at
org.apache.jetspeed.security.impl.AbstractSecurityValve.invoke(AbstractSecurityValve.java:132)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.container.url.impl.PortalURLValveImpl.invoke(PortalURLValveImpl.java:66)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.capabilities.impl.CapabilityValveImpl.invoke(CapabilityValveImpl.java:126)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline$Invocation.invokeNext(JetspeedPipeline.java:167)
    at
org.apache.jetspeed.pipeline.JetspeedPipeline.invoke(JetspeedPipeline.java:146)
    at
org.apache.jetspeed.engine.JetspeedEngine.service(JetspeedEngine.java:227)
    at
org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:242)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at
org.apache.jetspeed.engine.servlet.XXSUrlAttackFilter.doFilter(XXSUrlAttackFilter.java:52)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
    at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
    at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
    at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
    at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
    at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
    at org.josso.tc55.agent.SSOAgentValve.invoke(SSOAgentValve.java:541)
    at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
    at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
    at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
    at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
    at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)



Dennis Dam ha scritto:
> Hi Troisi,
>
> can you paste a stacktrace of the null pointer exception here ? That
> would be of great help.
>
> Dennis
>
> Alberto Troisi wrote:
>> Hi,
>> following the guidelines of the "Role membership" section in the
>> Jetspeed & LDAP tutorial
>> (http://portals.apache.org/jetspeed-2/multiproject/jetspeed-security/ldap.html#Group_Role_membership),
>> I defined the RoleMembership attribute and I set an empty value for
>> the UserRoleMembership in order to store the role membership as a
>> role attribute (the default was to store it as user attribute).
>> Now, when I access to Role Management page, in the "Security
>> Administration" section on the Jetspeed portal,  I can't view details
>> for a selected role: I have a NullPointerException. On the other
>> hand, in the User Management page, I can view roles details about a
>> defined user.
>>
>> Is the problem related to a missing configuration in the
>> security-spi-ldap.xml file?
>>
>> Thanks in advance.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
> __________ Informazione NOD32 2698 (20071203) __________
>
> Questo messaggio  รจ stato controllato dal Sistema Antivirus NOD32
> http://www.nod32.it <http://www.nod32.it/> 
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to