Great, thanks for letting us know! Pierre
Le jeu. 18 juil. 2019 à 17:15, Nicolas Delsaux <[email protected]> a écrit : > Yes Pierre, I have made sure the organization was correct using another > LDAP browser. > > Let me make sure by replaying the involved part of code. > > From that stack trace, the deeeper nifi code invocation is > > nifi-runner_1 | Caused by: > org.springframework.ldap.OperationNotSupportedException: [LDAP: error code > 12 - Unavailable Critical Extension]; nested exception is > javax.naming.OperationNotSupportedException: [LDAP: error code 12 - > Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' > nifi-runner_1 | at > org.apache.nifi.ldap.tenants.LdapUserGroupProvider.load(LdapUserGroupProvider.java:493) > nifi-runner_1 | at > org.apache.nifi.ldap.tenants.LdapUserGroupProvider.onConfigured(LdapUserGroupProvider.java:387) > > which seems to load user from ldap. > > More precisely, the error line seems to be > > userList.addAll(ldapTemplate.search(userSearchBase, > userFilter.encode(), userControls, new AbstractContextMapper<User>() { > where > > - userSearchBase is "o=corp.mycompany.com" > > - userFilter is > (&(objectclass=privPerson)(&(objectclass=privPerson)(uid={0}))) yup, a > redundant condition, so I've changed the search filter > > > So, after having talked with the LDAP team in mycompany, we finally > discovered the LDAP directory didn't support the paging mechanism > implemented in Nifi. I removed the paging attribute, and it worked ! > Le 18/07/2019 à 15:54, Pierre Villard a écrit : > > Hi Nicolas, > > It looks like a LDAP issue: LDAP: error code 12 - Unavailable Critical > Extension. > Are you sure about the LDAP tree structure you have? is the organization > correct 'o=corp.mycompany.com'? > > Thanks, > Pierre > > Le jeu. 18 juil. 2019 à 15:36, Nicolas Delsaux <[email protected]> a > écrit : > >> Hello, >> >> I'm trying to use LDAP authentication and am having a weird exception >> >> >> nifi-runner_1 | 2019-07-18 13:26:03,076 INFO [main] >> org.eclipse.jetty.server.Server Started @22069ms >> nifi-runner_1 | 2019-07-18 13:26:03,080 WARN [main] >> org.apache.nifi.web.server.JettyServer Failed to start web server... >> shutting down. >> nifi-runner_1 | >> org.springframework.beans.factory.UnsatisfiedDependencyException: Error >> creating bean with name >> 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': >> Unsatisfied dependency expressed through method >> 'setFilterChainProxySecurityConfigurer' parameter 1; nested exception is >> org.springframework.beans.factory.BeanExpressionException: Expression >> parsing failed; nested exception is >> org.springframework.beans.factory.UnsatisfiedDependencyException: Error >> creating bean with name >> 'org.apache.nifi.web.NiFiWebApiSecurityConfiguration': Unsatisfied >> dependency expressed through method 'setJwtAuthenticationProvider' >> parameter 0; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'jwtAuthenticationProvider' defined in class path resource >> [nifi-web-security-context.xml]: Cannot resolve reference to bean >> 'authorizer' while setting constructor argument; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'authorizer': FactoryBean threw exception on object >> creation; nested exception is >> org.springframework.ldap.OperationNotSupportedException: [LDAP: error code >> 12 - Unavailable Critical Extension]; nested exception is >> javax.naming.OperationNotSupportedException: [LDAP: error code 12 - >> Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:666) >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87) >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1269) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:551) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:481) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761) >> nifi-runner_1 | at >> org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867) >> >> nifi-runner_1 | at >> org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543) >> nifi-runner_1 | at >> org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:443) >> nifi-runner_1 | at >> org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:325) >> nifi-runner_1 | at >> org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.ContextHandler.callContextInitialized(ContextHandler.java:953) >> nifi-runner_1 | at >> org.eclipse.jetty.servlet.ServletContextHandler.callContextInitialized(ServletContextHandler.java:558) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.ContextHandler.startContext(ContextHandler.java:918) >> nifi-runner_1 | at >> org.eclipse.jetty.servlet.ServletContextHandler.startContext(ServletContextHandler.java:370) >> nifi-runner_1 | at >> org.eclipse.jetty.webapp.WebAppContext.startWebapp(WebAppContext.java:1497) >> nifi-runner_1 | at >> org.eclipse.jetty.webapp.WebAppContext.startContext(WebAppContext.java:1459) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.ContextHandler.doStart(ContextHandler.java:848) >> nifi-runner_1 | at >> org.eclipse.jetty.servlet.ServletContextHandler.doStart(ServletContextHandler.java:287) >> nifi-runner_1 | at >> org.eclipse.jetty.webapp.WebAppContext.doStart(WebAppContext.java:545) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:108) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.gzip.GzipHandler.doStart(GzipHandler.java:403) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.ContextHandlerCollection.doStart(ContextHandlerCollection.java:167) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:138) >> nifi-runner_1 | at >> org.eclipse.jetty.server.Server.start(Server.java:419) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:108) >> nifi-runner_1 | at >> org.eclipse.jetty.server.handler.AbstractHandler.doStart(AbstractHandler.java:113) >> nifi-runner_1 | at >> org.eclipse.jetty.server.Server.doStart(Server.java:386) >> nifi-runner_1 | at >> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68) >> nifi-runner_1 | at >> org.apache.nifi.web.server.JettyServer.start(JettyServer.java:935) >> nifi-runner_1 | at org.apache.nifi.NiFi.<init>(NiFi.java:158) >> nifi-runner_1 | at org.apache.nifi.NiFi.<init>(NiFi.java:72) >> nifi-runner_1 | at org.apache.nifi.NiFi.main(NiFi.java:297) >> nifi-runner_1 | Caused by: >> org.springframework.beans.factory.BeanExpressionException: Expression >> parsing failed; nested exception is >> org.springframework.beans.factory.UnsatisfiedDependencyException: Error >> creating bean with name >> 'org.apache.nifi.web.NiFiWebApiSecurityConfiguration': Unsatisfied >> dependency expressed through method 'setJwtAuthenticationProvider' >> parameter 0; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'jwtAuthenticationProvider' defined in class path resource >> [nifi-web-security-context.xml]: Cannot resolve reference to bean >> 'authorizer' while setting constructor argument; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'authorizer': FactoryBean threw exception on object >> creation; nested exception is >> org.springframework.ldap.OperationNotSupportedException: [LDAP: error code >> 12 - Unavailable Critical Extension]; nested exception is >> javax.naming.OperationNotSupportedException: [LDAP: error code 12 - >> Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' >> nifi-runner_1 | at >> org.springframework.context.expression.StandardBeanExpressionResolver.evaluate(StandardBeanExpressionResolver.java:163) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.evaluateBeanDefinitionString(AbstractBeanFactory.java:1454) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1086) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1064) >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:658) >> nifi-runner_1 | ... 53 common frames omitted >> nifi-runner_1 | Caused by: >> org.springframework.beans.factory.UnsatisfiedDependencyException: Error >> creating bean with name >> 'org.apache.nifi.web.NiFiWebApiSecurityConfiguration': Unsatisfied >> dependency expressed through method 'setJwtAuthenticationProvider' >> parameter 0; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'jwtAuthenticationProvider' defined in class path resource >> [nifi-web-security-context.xml]: Cannot resolve reference to bean >> 'authorizer' while setting constructor argument; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'authorizer': FactoryBean threw exception on object >> creation; nested exception is >> org.springframework.ldap.OperationNotSupportedException: [LDAP: error code >> 12 - Unavailable Critical Extension]; nested exception is >> javax.naming.OperationNotSupportedException: [LDAP: error code 12 - >> Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:666) >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:87) >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1269) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:551) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:481) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:519) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:508) >> nifi-runner_1 | at >> org.springframework.security.config.annotation.web.configuration.AutowiredWebSecurityConfigurersIgnoreParents.getWebSecurityConfigurers(AutowiredWebSecurityConfigurersIgnoreParents.java:53) >> nifi-runner_1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> nifi-runner_1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> nifi-runner_1 | at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> nifi-runner_1 | at >> java.lang.reflect.Method.invoke(Method.java:498) >> nifi-runner_1 | at >> org.springframework.expression.spel.support.ReflectiveMethodExecutor.execute(ReflectiveMethodExecutor.java:117) >> nifi-runner_1 | at >> org.springframework.expression.spel.ast.MethodReference.getValueInternal(MethodReference.java:134) >> nifi-runner_1 | at >> org.springframework.expression.spel.ast.MethodReference.access$000(MethodReference.java:52) >> nifi-runner_1 | at >> org.springframework.expression.spel.ast.MethodReference$MethodValueRef.getValue(MethodReference.java:377) >> nifi-runner_1 | at >> org.springframework.expression.spel.ast.CompoundExpression.getValueInternal(CompoundExpression.java:88) >> nifi-runner_1 | at >> org.springframework.expression.spel.ast.SpelNodeImpl.getValue(SpelNodeImpl.java:121) >> nifi-runner_1 | at >> org.springframework.expression.spel.standard.SpelExpression.getValue(SpelExpression.java:257) >> nifi-runner_1 | at >> org.springframework.context.expression.StandardBeanExpressionResolver.evaluate(StandardBeanExpressionResolver.java:160) >> nifi-runner_1 | ... 57 common frames omitted >> nifi-runner_1 | Caused by: >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'jwtAuthenticationProvider' defined in class path resource >> [nifi-web-security-context.xml]: Cannot resolve reference to bean >> 'authorizer' while setting constructor argument; nested exception is >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'authorizer': FactoryBean threw exception on object >> creation; nested exception is >> org.springframework.ldap.OperationNotSupportedException: [LDAP: error code >> 12 - Unavailable Critical Extension]; nested exception is >> javax.naming.OperationNotSupportedException: [LDAP: error code 12 - >> Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' >> nifi-runner_1 | at >> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:359) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:108) >> >> nifi-runner_1 | at >> org.springframework.beans.factory.support.ConstructorResolver.resolveConstructorArguments(ConstructorResolver.java:634) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:145) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1198) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1100) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:511) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:481) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:312) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:308) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) >> nifi-runner_1 | at >> org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1136) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1064) >> nifi-runner_1 | at >> org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredMethodElement.inject(AutowiredAnnotationBeanPostProcessor.java:658) >> nifi-runner_1 | ... 81 common frames omitted >> nifi-runner_1 | Caused by: >> org.springframework.beans.factory.BeanCreationException: Error creating >> bean with name 'authorizer': FactoryBean threw exception on object >> creation; nested exception is >> org.springframework.ldap.OperationNotSupportedException: [LDAP: error code >> 12 - Unavailable Critical Extension]; nested exception is >> javax.naming.OperationNotSupportedException: [LDAP: error code 12 - >> Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' >> nifi-runner_1 | at >> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:185) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.getObjectFromFactoryBean(FactoryBeanRegistrySupport.java:103) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.getObjectForBeanInstance(AbstractBeanFactory.java:1640) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:323) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:351) >> nifi-runner_1 | ... 96 common frames omitted >> nifi-runner_1 | Caused by: >> org.springframework.ldap.OperationNotSupportedException: [LDAP: error code >> 12 - Unavailable Critical Extension]; nested exception is >> javax.naming.OperationNotSupportedException: [LDAP: error code 12 - >> Unavailable Critical Extension]; remaining name 'o=corp.mycompany.com' >> nifi-runner_1 | at >> org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:212) >> nifi-runner_1 | at >> org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:397) >> nifi-runner_1 | at >> org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:328) >> nifi-runner_1 | at >> org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:629) >> nifi-runner_1 | at >> org.apache.nifi.ldap.tenants.LdapUserGroupProvider.load(LdapUserGroupProvider.java:493) >> nifi-runner_1 | at >> org.apache.nifi.ldap.tenants.LdapUserGroupProvider.onConfigured(LdapUserGroupProvider.java:387) >> nifi-runner_1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> nifi-runner_1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> nifi-runner_1 | at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> nifi-runner_1 | at >> java.lang.reflect.Method.invoke(Method.java:498) >> nifi-runner_1 | at >> org.apache.nifi.authorization.UserGroupProviderInvocationHandler.invoke(UserGroupProviderInvocationHandler.java:38) >> nifi-runner_1 | at com.sun.proxy.$Proxy76.onConfigured(Unknown >> Source) >> nifi-runner_1 | at >> org.apache.nifi.authorization.AuthorizerFactoryBean.getObject(AuthorizerFactoryBean.java:139) >> nifi-runner_1 | at >> org.springframework.beans.factory.support.FactoryBeanRegistrySupport.doGetObjectFromFactoryBean(FactoryBeanRegistrySupport.java:178) >> nifi-runner_1 | ... 101 common frames omitted >> nifi-runner_1 | Caused by: javax.naming.OperationNotSupportedException: >> [LDAP: error code 12 - Unavailable Critical Extension] >> nifi-runner_1 | at >> com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3214) >> nifi-runner_1 | at >> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) >> nifi-runner_1 | at >> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891) >> nifi-runner_1 | at >> com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846) >> nifi-runner_1 | at >> com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769) >> nifi-runner_1 | at >> com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392) >> nifi-runner_1 | at >> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358) >> nifi-runner_1 | at >> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341) >> nifi-runner_1 | at >> javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) >> nifi-runner_1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> nifi-runner_1 | at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >> nifi-runner_1 | at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> nifi-runner_1 | at >> java.lang.reflect.Method.invoke(Method.java:498) >> nifi-runner_1 | at >> org.springframework.ldap.core.support.SingleContextSource$NonClosingDirContextInvocationHandler.invoke(SingleContextSource.java:197) >> nifi-runner_1 | at com.sun.proxy.$Proxy78.search(Unknown Source) >> nifi-runner_1 | at >> org.springframework.ldap.core.LdapTemplate$4.executeSearch(LdapTemplate.java:322) >> nifi-runner_1 | at >> org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:363) >> nifi-runner_1 | ... 113 common frames omitted >> >> >> it seems like the LDAP server i'm trying to talk to doesn't support some >> of the queries i try to send him. But what <am i doing wrong ? >> >> >> My authorizers.xml contains >> <userGroupProvider> >> <identifier>ldap-user-group-provider</identifier> >> <class>org.apache.nifi.ldap.tenants.LdapUserGroupProvider</class> >> <property name="Authentication Strategy">LDAPS</property> >> <property name="Manager DN">myserviceaccount</property> >> <property name="Manager Password">mypassword</property> >> <property name="TLS - Keystore"></property> >> <property name="TLS - Keystore Password"></property> >> <property name="TLS - Keystore Type"></property> >> <property name="TLS - Truststore">/opt/certs/cacerts.jks</property> >> <property name="TLS - Truststore Password">changeit</property> >> <property name="TLS - Truststore Type">JKS</property> >> <property name="TLS - Client Auth"></property> >> <property name="TLS - Protocol">TLSv1</property> >> <property name="TLS - Shutdown Gracefully"></property> >> <property name="Referral Strategy">FOLLOW</property> >> <property name="Connect Timeout">10 secs</property> >> <property name="Read Timeout">10 secs</property> >> <property name="Url">ldaps://myserver.mycompany.com:636</property> >> <property name="Page Size">0</property> >> <property name="Sync Interval">30 mins</property> >> <property name="User Search Base">o=corp.mycompany.com</property> >> <property name="User Object Class">privPerson</property> >> <property name="User Search Scope">SUBTREE</property> >> <property name="User Search Filter">(& >> (objectclass=privPerson)(uid={0}))</property> >> <property name="User Identity Attribute">uid</property> >> <property name="User Group Name Attribute"></property> >> <property name="User Group Name Attribute - Referenced Group Attribute" >> ></property> >> <property name="Group Search Base"></property> >> <property name="Group Object Class">group</property> >> <property name="Group Search Scope">ONE_LEVEL</property> >> <property name="Group Search Filter"></property> >> <property name="Group Name Attribute"></property> >> <property name="Group Member Attribute"></property> >> <property name="Group Member Attribute - Referenced User Attribute"></ >> property> >> </userGroupProvider> >> >> And my login-identity-providers contains >> >> >> <provider> >> <identifier>ldap-provider</identifier> >> <class>org.apache.nifi.ldap.LdapProvider</class> >> <property name="Authentication Strategy">LDAPS</property> >> <property name="Manager DN">myserviceaccount</property> >> <property name="Manager Password">mypassword</property> >> <property name="TLS - Keystore"></property> >> <property name="TLS - Keystore Password"></property> >> <property name="TLS - Keystore Type"></property> >> <property name="TLS - Truststore">/opt/certs/cacerts.jks</property> >> <property name="TLS - Truststore Password">changeit</property> >> <property name="TLS - Truststore Type">JKS</property> >> <property name="TLS - Client Auth"></property> >> <property name="TLS - Protocol">TLSv1</property> >> <property name="TLS - Shutdown Gracefully"></property> >> <property name="Referral Strategy">FOLLOW</property> >> <property name="Connect Timeout">10 secs</property> >> <property name="Read Timeout">10 secs</property> >> <property name="Url">ldaps://myserver.mycompany.com:636</property> >> <property name="User Search Base">o=corp.mycompany.com</property> >> <property name="User Search Filter">(& >> (objectclass=privPerson)(uid={0}))</property> >> <property name="Identity Strategy">USE_DN</property> >> <property name="Authentication Expiration">12 hours</property> >> </provider> >> >> >> Do you know what I did wrong ? >> >> >> Thanks ! >> >
