Re: LDAP Sync issue - Empty filter; nested exception is javax.naming.directory.InvalidSearchFilterException
What's your Kylin version? Which document are you following?
I just noticed the LDAP configuration document has been out of date for
some time. We will update it. But seems you're not following that -:).
BTW, there is no the configuration named
"kylin.security.ldap.user-search-filter" in Apache Kylin code base.
Jiatao Tao <245915...@qq.com> 于2018年10月13日周六 下午9:42写道:
> Hi,
> Can you try command '"ldapsearch" to get the users/groups you wanted
> first?
>
> ---
> Regards!
> Aron Tao
>
>
>
> On [DATE], "[NAME]" <[ADDRESS]> wrote:
>
> Hi - Please help us to solve the below issue to sync with LDAP
>
> Below is the kylin ldap configuration .
>
> kylin.security.profile=ldap
> kylin.security.acl.admin-role=ROLE_KYLIN-ADMIN-GROUP
>
> kylin.security.ldap.connection-server=ldap://:389
> kylin.security.ldap.connection-username=*
> kylin.security.ldap.connection-password=*
>
>
> kylin.security.ldap.user-search-base=OU=,OU=Applications,DC=,DC=com
>
> kylin.security.ldap.user-search-pattern=(&(cn={0})) --tried with many
> options but still same issue as below (CN=*,
> OU=Applications,OU=Groups,DC=bcbsfl,DC=com) (uid=*)
>
> #kylin.security.ldap.user-search-filter=CN=*,OU=Hadoop,DC=,DC=com
>
>
> kylin.security.ldap.user-group-search-base=OU=Requested,OU=Groups,DC=*,DC=com
>
>
>
> org.springframework.security.authentication.InternalAuthenticationServiceException:
> Empty filter; nested exception is
> javax.naming.directory.InvalidSearchFilterException: Empty filter;
> remaining
> name '/'
> at
>
> org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:206)
> at
>
> org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:85)
> at
>
> org.apache.kylin.rest.security.KylinAuthenticationProvider.authenticate(KylinAuthenticationProvider.java:94)
> at
>
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
> at
>
> org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
> at
>
> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:180)
> at
>
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
>
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
>
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
>
> org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
> at
>
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> at
>
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
> at
>
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
>
>
> --
> Sent from: http://apache-kylin.74782.x6.nabble.com/
>
>
>
>
>
--
Best regards,
Shaofeng Shi 史少锋
Re: LDAP Sync issue - Empty filter; nested exception is javax.naming.directory.InvalidSearchFilterException
Hi,
Can you try command '"ldapsearch" to get the users/groups you wanted first?
---
Regards!
Aron Tao
On [DATE], "[NAME]" <[ADDRESS]> wrote:
Hi - Please help us to solve the below issue to sync with LDAP
Below is the kylin ldap configuration .
kylin.security.profile=ldap
kylin.security.acl.admin-role=ROLE_KYLIN-ADMIN-GROUP
kylin.security.ldap.connection-server=ldap://:389
kylin.security.ldap.connection-username=*
kylin.security.ldap.connection-password=*
kylin.security.ldap.user-search-base=OU=,OU=Applications,DC=,DC=com
kylin.security.ldap.user-search-pattern=(&(cn={0})) --tried with many
options but still same issue as below (CN=*,
OU=Applications,OU=Groups,DC=bcbsfl,DC=com) (uid=*)
#kylin.security.ldap.user-search-filter=CN=*,OU=Hadoop,DC=,DC=com
kylin.security.ldap.user-group-search-base=OU=Requested,OU=Groups,DC=*,DC=com
org.springframework.security.authentication.InternalAuthenticationServiceException:
Empty filter; nested exception is
javax.naming.directory.InvalidSearchFilterException: Empty filter; remaining
name '/'
at
org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:206)
at
org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:85)
at
org.apache.kylin.rest.security.KylinAuthenticationProvider.authenticate(KylinAuthenticationProvider.java:94)
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
at
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:180)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
--
Sent from: http://apache-kylin.74782.x6.nabble.com/
LDAP Sync issue - Empty filter; nested exception is javax.naming.directory.InvalidSearchFilterException
Hi - Please help us to solve the below issue to sync with LDAP
Below is the kylin ldap configuration .
kylin.security.profile=ldap
kylin.security.acl.admin-role=ROLE_KYLIN-ADMIN-GROUP
kylin.security.ldap.connection-server=ldap://:389
kylin.security.ldap.connection-username=*
kylin.security.ldap.connection-password=*
kylin.security.ldap.user-search-base=OU=,OU=Applications,DC=,DC=com
kylin.security.ldap.user-search-pattern=(&(cn={0})) --tried with many
options but still same issue as below (CN=*,
OU=Applications,OU=Groups,DC=bcbsfl,DC=com) (uid=*)
#kylin.security.ldap.user-search-filter=CN=*,OU=Hadoop,DC=,DC=com
kylin.security.ldap.user-group-search-base=OU=Requested,OU=Groups,DC=*,DC=com
org.springframework.security.authentication.InternalAuthenticationServiceException:
Empty filter; nested exception is
javax.naming.directory.InvalidSearchFilterException: Empty filter; remaining
name '/'
at
org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:206)
at
org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:85)
at
org.apache.kylin.rest.security.KylinAuthenticationProvider.authenticate(KylinAuthenticationProvider.java:94)
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174)
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
at
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:180)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
at
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
--
Sent from: http://apache-kylin.74782.x6.nabble.com/
