2014-10-20 2:23 GMT+08:00 Alon Bar-Lev <[email protected]>: > > > ----- Original Message ----- > > From: "plysan" <[email protected]> > > To: "Alon Bar-Lev" <[email protected]> > > Cc: "[email protected] List" <[email protected]> > > Sent: Sunday, October 19, 2014 9:06:37 PM > > Subject: Re: [ovirt-users] Null object error with > ovirt-engine-extension-ldap > > > > Hi, > > > > I did the following: > > > > 1. /etc/ovirt-engine/extensions.d/eayunosAuthn.properties > > > > ovirt.engine.extension.name = eayunosAuthn > > ovirt.engine.extension.bindings.method = jbossmodule > > ovirt.engine.extension.binding.jbossmodule.module = > > org.ovirt.engine-extensions.aaa.ldap > > ovirt.engine.extension.binding.jbossmodule.class = > > org.ovirt.engineextensions.aaa.ldap.AuthnExtension > > ovirt.engine.extension.provides = > org.ovirt.engine.api.extensions.aaa.Authn > > ovirt.engine.aaa.authn.profile.name = testad > > ovirt.engine.aaa.authn.authz.plugin = eayunosAuthz > > config.profile.file.1 = > > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties > > please use your own file, put it at /etc/ovirt-engine/aaa or something, > please do not override package files. > > > > > 2. /etc/ovirt-engine/extensions.d/eayunosAuthz.properties > > > > ovirt.engine.extension.name = eayunosAuthz > > ovirt.engine.extension.bindings.method = jbossmodule > > ovirt.engine.extension.binding.jbossmodule.module = > > org.ovirt.engine-extensions.aaa.ldap > > ovirt.engine.extension.binding.jbossmodule.class = > > org.ovirt.engineextensions.aaa.ldap.AuthzExtension > > ovirt.engine.extension.provides = > org.ovirt.engine.api.extensions.aaa.Authz > > config.profile.file.1 = > > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties > > > > 3. /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties > (I > > just modified the fiirst three variables) > > please use your own file, put it at /etc/ovirt-engine/aaa or something, > please do not override package files. > > > include = <ad.properties> > > > > vars.user = lijiansheng > > vars.password = 1qaz@WSX > > vars.domain = eayunos.com > > vars.dns = dns://dc1.${global:vars.domain} > dns://dc2.${global:vars.domain} > > I hope you have dc1.eayunos.com and dc2.eayunos.com. > > > pool.default.serverset.type = srvrecord > > pool.default.serverset.srvrecord.domain = ${global:vars.domain} > > > pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = > > ${global:vars.dns} > > pool.default.socketfactory.resolver.uRL = ${global:vars.dns} > > pool.default.ssl.startTLS = true > > I suggest you start without ssl, set the above to false. > > > pool.default.ssl.truststore.file = > > ${local:_basedir}/${global:vars.domain}.jks > > pool.default.ssl.truststore.password = changeit > > pool.default.auth.simple.bindDN = ${global:vars.user} > > pool.default.auth.simple.password = ${global:vars.password} > > > > > > And this time there is another error in engine.log: > > > > 2014-10-20 01:59:32,291 INFO > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread 1-3) Loading extension 'eayunosAuthn' > > 2014-10-20 01:59:32,839 ERROR > > [org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC > > service thread 1-3) Could not load extension based on configuration file > > '/etc/ovirt-engine/extensions.d/eayunosAuthn.properties'. Please check > the > > configuration file is valid. Exception message is: Error loading > extension > > 'eayunosAuthn': Exception: class java.lang.StackOverflowError: null > > yes, as the ad.properties includes common.properties which you modified to > include ad.properties, so you created infinite loop. > > Thanks Alon, problem solved :P
my working confuguration file is as follows: 1. /etc/ovirt-engine/aaa/common.properties include = <ad.properties> vars.user = [email protected] vars.password = 1qaz@WSX vars.domain = eayunos.com vars.dns = dns://dc1.${global:vars.domain} [skip...] 2. /etc/ovirt-engine/extensions.d/eayunosAuthn.properties ovirt.engine.extension.name = eayunosAuthn [skip...] ovirt.engine.aaa.authn.profile.name = common ovirt.engine.aaa.authn.authz.plugin = eayunosAuthz config.profile.file.1 = /etc/ovirt-engine/aaa/common.properties 3. /etc/ovirt-engine/extensions.d/eayunosAuthz.properties ovirt.engine.extension.name = eayunosAuthz [skip...] config.profile.file.1 = /etc/ovirt-engine/aaa/common.properties 4. /usr/share/ovirt-engine-extension-aaa-ldap/profiles/ad.properties comment out "include = <common.properties>" I dont know why this file must be changed to get it to work, as you said override package files is not good way. I have tried to cp this file to /etc/ovirt-engine/aaa but is no use :( Any ideas ? And thanks for your help. plysan > > 2014-10-20 01:59:32,843 INFO > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread 1-3) Loading extension 'eayunosAuthz' > > 2014-10-20 01:59:33,206 ERROR > > [org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC > > service thread 1-3) Could not load extension based on configuration file > > '/etc/ovirt-engine/extensions.d/eayunosAuthz.properties'. Please check > the > > configuration file is valid. Exception message is: Error loading > extension > > 'eayunosAuthz': Exception: class java.lang.StackOverflowError: null > > > > > > Thanks for your help :) > > > > plysan > > > > > > 2014-10-20 1:09 GMT+08:00 Alon Bar-Lev <[email protected]>: > > > > > Hi, > > > > > > You need to refer to ad.properties from your profile, in this profile > you > > > need to specify credentials and settings to access the active > directory. > > > > > > For example, how can the implementation guess where your active > directory > > > is? what is the user that is to be used to access it? > > > > > > Please follow extension configuration[1] and create two extensions per > > > documentation. > > > 1. authn - authentication > > > 2. authz - authorization. > > > > > > Both extensions should refer to your profile[2] that specifies the > > > required information. > > > > > > Regards, > > > Alon > > > > > > [1] > > > > http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l17 > > > [2] > > > > http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l97 > > > > > > ----- Original Message ----- > > > > From: "plysan" <[email protected]> > > > > To: "[email protected] List" <[email protected]> > > > > Sent: Sunday, October 19, 2014 7:58:48 PM > > > > Subject: [ovirt-users] Null object error with > ovirt-engine-extension-ldap > > > > > > > > Hello, > > > > > > > > After I adding a AD directory server to oVirt using manage-domains, I > > > > installed the extension-ldap package. My setup is as follows: > > > > > > > > 1. /etc/ovirt-engine/extensions.d/eayunos.properties > > > > > > > > ovirt.engine.extension.name = eayunos > > > > ovirt.engine.extension.bindings.method = jbossmodule > > > > ovirt.engine.extension.binding.jbossmodule.module = > > > > org.ovirt.engine-extensions.aaa.ldap > > > > ovirt.engine.extension.binding.jbossmodule.class = > > > > org.ovirt.engineextensions.aaa.ldap.AuthzExtension > > > > ovirt.engine.extension.provides = > > > org.ovirt.engine.api.extensions.aaa.Authz > > > > config.profile.file.1 = > > > > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/ad.properties > > > > > > > > 2. restart ovirt > > > > > > > > But after that there is a error in engine.log: > > > > > > > > 2014-10-20 00:52:11,199 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Loading extension 'builtin-authn-internal' > > > > 2014-10-20 00:52:11,201 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'builtin-authn-internal' loaded > > > > 2014-10-20 00:52:11,202 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Loading extension 'internal' > > > > 2014-10-20 00:52:11,203 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'internal' loaded > > > > 2014-10-20 00:52:11,218 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Loading extension ' builtin-authn-eayunos.com ' > > > > 2014-10-20 00:52:11,232 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension ' builtin-authn-eayunos.com ' loaded > > > > 2014-10-20 00:52:11,245 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Loading extension ' eayunos.com ' > > > > 2014-10-20 00:52:11,247 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension ' eayunos.com ' loaded > > > > 2014-10-20 00:52:11,252 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Loading extension 'ovirtSyslog' > > > > 2014-10-20 00:52:11,253 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'ovirtSyslog' loaded > > > > 2014-10-20 00:52:11,257 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Loading extension 'eayunos' > > > > 2014-10-20 00:52:11,286 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'eayunos' loaded > > > > 2014-10-20 00:52:11,287 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Initializing extension 'builtin-authn-internal' > > > > 2014-10-20 00:52:11,288 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'builtin-authn-internal' initialized > > > > 2014-10-20 00:52:11,289 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Initializing extension 'eayunos' > > > > 2014-10-20 00:52:11,290 INFO > > > [org.ovirt.engineextensions.aaa.ldap.Framework] > > > > (MSC service thread 1-16) Creating LDAP pool 'authz' for 'eayunos' > > > > 2014-10-20 00:52:11,305 ERROR > > > > [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service > thread > > > > 1-16) Cannot initialize LDAP framework, deferring initialization. > Error: > > > A > > > > null object was provided where a non-null object is required > (non-null > > > index > > > > 0). Thread stack trace: getStackTrace(Thread.java:1589) / > > > > ensureNotNull(Validator.java:60) / <init>(SingleServerSet.java:140) / > > > > createConnectionPool(Framework.java:516) / > > > createPool(Framework.java:632) / > > > > runSequence(Framework.java:1312) / open(Framework.java:666) / > > > > ensureFramework(AuthzExtension.java:104) / > > > doInit(AuthzExtension.java:436) / > > > > invoke(AuthzExtension.java:368) / invoke(ExtensionProxy.java:49) / > > > > invoke(ExtensionProxy.java:73) / invoke(ExtensionProxy.java:109) / > > > > initialize(ExtensionsManager.java:308) / > > > > engineInitialize(EngineExtensionsManager.java:111) / > > > > initialize(Backend.java:266) / create(Backend.java:138) / > > > > invoke0(NativeMethodAccessorImpl.java) / > > > > invoke(NativeMethodAccessorImpl.java:57) / > > > > invoke(DelegatingMethodAccessorImpl.java:43) / > invoke(Method.java:606) / > > > > > > > > processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:130) > > > > / proceed(InterceptorContext.java:288) / > > > > processInvocation(WeavedInterceptor.java:53) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(WeldInjectionInterceptor.java:73) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(ManagedReferenceInterceptorFactory.java:95) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(ManagedReferenceInterceptorFactory.java:95) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(WeavedInterceptor.java:53) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(NamespaceContextInterceptor.java:50) / > > > > proceed(InterceptorContext.java:288) / > > > > invokeInOurTx(CMTTxInterceptor.java:228) / > > > > requiresNew(CMTTxInterceptor.java:333) / > > > > processInvocation(SingletonLifecycleCMTTxInterceptor.java:56) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(CurrentInvocationContextInterceptor.java:41) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(TCCLInterceptor.java:45) / > > > > proceed(InterceptorContext.java:288) / > > > > processInvocation(ChainedInterceptor.java:61) / > > > > constructComponentInstance(BasicComponent.java:161) / > > > > createInstance(BasicComponent.java:85) / > > > > getComponentInstance(SingletonComponent.java:116) / > > > > start(SingletonComponent.java:130) / > > > start(ComponentStartService.java:44) / > > > > startService(ServiceControllerImpl.java:1811) / > > > > run(ServiceControllerImpl.java:1746) / > > > > runWorker(ThreadPoolExecutor.java:1145) / > > > run(ThreadPoolExecutor.java:615) / > > > > run(Thread.java:745) > > > > 2014-10-20 00:52:11,313 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'eayunos' initialized > > > > 2014-10-20 00:52:11,314 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Initializing extension 'ovirtSyslog' > > > > 2014-10-20 00:52:11,327 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'ovirtSyslog' initialized > > > > 2014-10-20 00:52:11,327 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Initializing extension ' builtin-authn-eayunos.com ' > > > > 2014-10-20 00:52:11,330 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension ' builtin-authn-eayunos.com ' initialized > > > > 2014-10-20 00:52:11,331 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Initializing extension ' eayunos.com ' > > > > 2014-10-20 00:52:11,332 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension ' eayunos.com ' initialized > > > > 2014-10-20 00:52:11,333 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Initializing extension 'internal' > > > > 2014-10-20 00:52:11,334 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Extension 'internal' initialized > > > > 2014-10-20 00:52:11,334 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Start of enabled extensions list > > > > 2014-10-20 00:52:11,335 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Instance name: 'builtin-authn-internal', Extension name: > 'Internal > > > > Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', > Home: ' > > > > http://www.ovirt.org ', Author 'The oVirt Project', Build interface > > > Version: > > > > '0', File: 'N/A', Initialized: 'true' > > > > 2014-10-20 00:52:11,337 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Instance name: 'eayunos', Extension name: 'aaa.ldap.authz', > > > Version: > > > > '0.0.0_master', Notes: 'Display name: > > > > > > > > ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6', > > > > License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The > oVirt > > > > Project', Build interface Version: '0', File: > > > > '/etc/ovirt-engine/extensions.d/eayunos.properties', Initialized: > 'true' > > > > 2014-10-20 00:52:11,338 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Instance name: 'ovirtSyslog', Extension name: 'Log4jLogger', > > > Version: > > > > '0.0.0', Notes: 'Display name: > > > > > > > > ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6', > > > > License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The > oVirt > > > > Project', Build interface Version: '0', File: > > > > '/etc/ovirt-engine/extensions.d/Log4jLogger.properties', Initialized: > > > 'true' > > > > 2014-10-20 00:52:11,340 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Instance name: ' builtin-authn-eayunos.com ', Extension name: > > > > 'Kerberos/Ldap Authn (Built-in)', Version: 'N/A', Notes: '', License: > > > 'ASL > > > > 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt Project', > Build > > > > interface Version: '0', File: 'N/A', Initialized: 'true' > > > > 2014-10-20 00:52:11,342 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Instance name: ' eayunos.com ', Extension name: 'Kerberos/Ldap > > > Authz > > > > (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: ' > > > > http://www.ovirt.org ', Author 'The oVirt Project', Build interface > > > Version: > > > > '0', File: 'N/A', Initialized: 'true' > > > > 2014-10-20 00:52:11,343 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) Instance name: 'internal', Extension name: 'Internal Authz > > > > (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: ' > > > > http://www.ovirt.org ', Author 'The oVirt Project', Build interface > > > Version: > > > > '0', File: 'N/A', Initialized: 'true' > > > > 2014-10-20 00:52:11,345 INFO > > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > > thread > > > > 1-16) End of enabled extensions list > > > > > > > > > > > > My environment: > > > > > > > > # cat /etc/issue > > > > CentOS release 6.5 (Final) > > > > > > > > # rpm -qa |grep aaa-ldap > > > > > > > > ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch > > > > > > > > # rpm -qa |grep ovirt-engine > > > > > > > > ovirt-engine-setup-plugin-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-extensions-api-impl-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-tools-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-userportal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-extension-aaa-misc-0.0.0-0.0.master.20140902120001.git1fa6912.el6.noarch > > > > > ovirt-engine-lib-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-setup-plugin-ovirt-engine-common-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > ovirt-engine-cli-3.5.0.6-0.1.20140926.gitbbb1e44.el6.noarch > > > > > > > > ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6.noarch > > > > > ovirt-engine-setup-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-dbscripts-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-webadmin-portal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-restapi-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-setup-base-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > ovirt-engine-sdk-python-3.5.0.8-0.1.20140926.gitd3a5e4d.el6.noarch > > > > > > > > ovirt-engine-setup-plugin-ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > > > > ovirt-engine-backend-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > ovirt-engine-sdk-java-3.5.0.6-0.1.20140910.git05ab94f.el6.noarch > > > > > > > > ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch > > > > ovirt-engine-jboss-as-7.1.1-1.el6.x86_64 > > > > > > > > > > > > Can anyone give me some help? > > > > > > > > Thanks! > > > > > > > > > > > > _______________________________________________ > > > > Users mailing list > > > > [email protected] > > > > http://lists.ovirt.org/mailman/listinfo/users > > > > > > > > > >
_______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
