[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-03-14 Thread Shaofeng SHI (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15925559#comment-15925559
 ] 

Shaofeng SHI commented on KYLIN-2305:
-

Kanta, the JIRAs won't be closed until be formally released. You can set it as 
"Resolved" now to indicate it has been resolved.

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>Assignee: Kanta Kuramoto
> Fix For: v2.0.0
>
> Attachments: KYLIN-2305.patch
>
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-03-14 Thread Kanta Kuramoto (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15925422#comment-15925422
 ] 

Kanta Kuramoto commented on KYLIN-2305:
---

Thank you for the review and merging the patch, [~yimingliu] and 
[~Shaofengshi]. Can I close this JIRA?

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>Assignee: Kanta Kuramoto
> Fix For: v2.0.0
>
> Attachments: KYLIN-2305.patch
>
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-03-11 Thread Shaofeng SHI (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15906211#comment-15906211
 ] 

Shaofeng SHI commented on KYLIN-2305:
-

Patch merged into master branch: 
https://github.com/apache/kylin/commit/181b6c5c16fc0506a475993f3735a4b7e73a07c1


> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>Assignee: Kanta Kuramoto
> Fix For: v2.0.0
>
> Attachments: KYLIN-2305.patch
>
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-03-10 Thread Billy Liu (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15905441#comment-15905441
 ] 

Billy Liu commented on KYLIN-2305:
--

+1. 

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>Assignee: Kanta Kuramoto
> Attachments: KYLIN-2305.patch
>
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-03-10 Thread Shaofeng SHI (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15904700#comment-15904700
 ] 

Shaofeng SHI commented on KYLIN-2305:
-

+1 Looks good, thanks Kanta!

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>Assignee: Kanta Kuramoto
> Attachments: KYLIN-2305.patch
>
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-01-11 Thread mathias kluba (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15818198#comment-15818198
 ] 

mathias kluba commented on KYLIN-2305:
--

Sorry but I don't agree.
With a smaller searchBase (under 38 characters) it works.
The error message says: "Failed to parse DN; ... Lexical error at line 1, 
column 38.  Encountered: "."

We can see that the Spring Security code that uses LDAP java API is parsing a 
string to build a DN, and crashes because the String is not correct at column 
38.

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2017-01-04 Thread Shaofeng SHI (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15800492#comment-15800492
 ] 

Shaofeng SHI commented on KYLIN-2305:
-

Agree with Billy; Kylin desn't trim the value. If you don't believe, you can 
find the kylinSecurity.xml file (should be in 
$KYLIN_HOME/tomcat/webapps/kylin/WEB-INF/classes) and the replace the 
"ldap.user.searchBase" property with your values, then try again.

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP

2016-12-20 Thread Billy Liu (JIRA) 

[ 
https://issues.apache.org/jira/browse/KYLIN-2305?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15764317#comment-15764317
 ] 

Billy Liu commented on KYLIN-2305:
--

I don't think there are length limit or wrong trim function here. The "..." is 
just used for logging information. Kylin use Spring Security to access LDAP, 
not directly. 

> Unable to use long searchBase/Pattern for LDAP
> --
>
> Key: KYLIN-2305
> URL: https://issues.apache.org/jira/browse/KYLIN-2305
> Project: Kylin
>  Issue Type: Bug
>Affects Versions: v1.6.0
>Reporter: mathias kluba
>
> I try to use LDAP authentication.
> I set the ldap.user.searchBase & ldap.user.searchPattern & 
> ldap.user.groupSearchBase
> I followed the documentation 
> http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
> It crashed because of:
> {code}
> Failed to parse DN; nested exception is 
> org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 
> 38.  Encountered: "." (46), after : ""
> {code}
> I change the logger configuration to have debug to understand the query done 
> using Spring Security LdapTemplate.
> It seems that it trim the value at column 38 and add "..."
> I can't tell you my real AD path, but here is an example:
> in kylin.properties:
> {code}
>  
> ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
> {code}
> Debug log:
> {code}
> 2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] 
> search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with 
> user search [ searchFilter: '(sAMAccountName={0})', searchBase: 
> 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 
> 0, derefLinkFlag: false ]
> {code}
> I change the searchBase to be shorted (less than 38 char) and it seems that 
> the bug is the same with the searchPattern and the groupSearchBase.
> I don't know where Kylin is reading these properties, but it seems that it 
> doesn't use the right function (maybe toString() that trim the value?)



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)