On 13/08/2012 16.45, Francesco Chicchiriccò wrote:
On 13/08/2012 16.20, Colm O hEigeartaigh wrote:
Done, thanks. Two other related questions re potential bugs:
1) I created a new user and assigned a (LDAP) Resource. It propagated
successfully + I can see the new user in the backend resource.
However, when I edit the user in Syncope I see:
Syncope Newuser active icon
Apache DS resource cn=Newuser,ou=users,ou=system undefined icon
Why does an "undefined icon" appear when the propagation was successful?
Could you take a look at the propagation task that was created for
this operation (create user on LDAP resource)? There should be an
execution, possibly reporting an error message.
The "undefined icon" means that the LDAP resource did not return any
status information about that user.
Is your LDAP resource 'propagation primary'? Is enforcing mandatory
constraints?
2) I created a new user and assigned a (LDAP) Resource. It
propagated successfully. However if I try to delete in the Syncope
users console, nothing happens + no error message appears. Looking at
logs I see:
14:27:10.868 WARN org.springframework.web.client.RestTemplate - GET
request for "http://localhost:9080/syncope/rest/user/delete/105";
resulted in 400 (Bad Request); invoking error handler
14:27:10.869 WARN org.apache.wicket.protocol.http.WebSession -
Component-targetted feedback message was left unrendered. This could
be because you are missing a FeedbackPanel on the page. Message:
[FeedbackMessage message = "{[Propagation [Apache DS resource]], }",
reporter = listResult, level = ERROR]
When I look at the Core log I see:
SEVERE: Servlet.service() for servlet [syncope-core-rest] in context
with path [/syncope] threw exception [Request processing failed;
nested exception is
org.apache.syncope.core.propagation.PropagationException: Exception
during provision on resource Apache DS resource
[LDAP: error code 68 - Attempt to move entry onto itself.]] with root
cause
org.apache.syncope.core.propagation.PropagationException: Exception
during provision on resource Apache DS resource
[LDAP: error code 68 - Attempt to move entry onto itself.]
at
org.apache.syncope.core.propagation.PropagationManager.execute(PropagationManager.java:577)
So there are potentially two bugs here:
a) The error is not reported on the Users Console screen.
This is an error for sure.
b) User deletion does not appear to be working.
I could only delete the user when I removed the Resource from the
user first.
I suspect that there is some issue when creating this user on LDAP
(possibly an incomplete mapping?): are you running an embedded
environment with provided test configuration or have you defined
everything from scratch?
Hi Colm,
I've just tried your procedure above in the embedded environment and
confirmed all you've found.
Summarizing, I would open the following issues (affecting
1.0.1-incubating and 1.1.0-incubating):
1. 'Enforce mandatory constraints' is not working
firstname is mapped to cn with mandatoryCondition == 'true' on LDAP
resource, but Syncope doesn't warn if firstname is not provided
2. LDAP test connector is not configured for providing status information
No conf value is provided for LDAP connector's statusManagementClass
Note: this is not a problem itself, and is also the reason why you see
the 'undefined icon'; anyway, it would be nice to provide a complete
configuration
3. Could not delete an user with LDAP resource
An update operation is issued instead of delete, returning the following
exception:
17:00:11.708 DEBUG
org.identityconnectors.framework.api.operations.UpdateApiOp.update
Exception:
org.identityconnectors.framework.common.exceptions.ConnectorException:
javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Attempt
to move entry onto itself.]; remaining name
'[email protected],ou=people,o=isp'
[...]
4. Build reference flows for propagation and synchronization
The code behind propagation and synchronization layers is getting bigger
and plenty of flow exceptions: a reorganization - backed by some
reference flows to be summarized as wiki pages - is needed.
WDYT?
--
Francesco Chicchiriccò
ASF Member, Apache Cocoon PMC and Apache Syncope PPMC Member
http://people.apache.org/~ilgrosso/
