[gatein-issues] [JBoss JIRA] (GTNPORTAL-2320) Deleting a group causes IdentityException with openldap
Toshiya Kobayashi (Updated) (JIRA)
jira-events at lists.jboss.org
Wed Jan 4 05:05:09 EST 2012
[ https://issues.jboss.org/browse/GTNPORTAL-2320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Toshiya Kobayashi updated GTNPORTAL-2320:
-----------------------------------------
Description:
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm (http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
19:02:06,272 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:58)
at org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:31)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at org.exoplatform.webui.core.UIApplication.processAction(UIApplication.java:131)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 137 more
19:02:06,346 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
was:
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm (http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
18:04:16,922 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:56)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 142 more
18:04:17,007 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:56)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
> Deleting a group causes IdentityException with openldap
> -------------------------------------------------------
>
> Key: GTNPORTAL-2320
> URL: https://issues.jboss.org/browse/GTNPORTAL-2320
> Project: GateIn Portal
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Identity integration
> Affects Versions: 3.2.0-Beta01
> Reporter: Toshiya Kobayashi
> Assignee: Boleslaw Dawidowicz
>
> Deleting a group causes IdentityException with openldap.
> - Setup openldap for idm (http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
> - Login as root
> - Go to 'Group Management'
> - Add a new group "AAAA" under "Platform"
> - Add a new group "BBBB" under "AAAA"
> - Delete "BBBB"
> {noformat}
> 19:02:06,272 INFO [GroupDAOImpl] Identity operation error:
> org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
> at org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
> at org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
> at org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
> at org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
> at org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
> at org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
> at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
> at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
> at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
> at org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:58)
> at org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:31)
> at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
> at org.exoplatform.webui.core.UIApplication.processAction(UIApplication.java:131)
> ...
> Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
> at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
> at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
> at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
> at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
> ... 137 more
> 19:02:06,346 ERROR [portal:UIPortalApplication] Error during the processAction phase
> org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
> at org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
> at org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
> at org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
> at org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
> at org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
> at org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
> at org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
> at org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
> at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
> at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
> at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
> ...
> {noformat}
> The group explorer keeps throwing this exception until you remove the parent group('AAAA').
> IDM seems to remove only a group but not a relationship??
> I observe that the relationship remains in AAAA even though BBBB was removed.
> {noformat}
> dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
> objectClass: top
> objectClass: groupOfNames
> cn: AAAA
> member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
> member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
> {noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the gatein-issues
mailing list