3:34 a.m.
Deleting a group causes IdentityException with openldap
-------------------------------------------------------
Key: GTNPORTAL-2320
URL: https://issues.jboss.org/browse/GTNPORTAL-2320
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Identity integration
Affects Versions: 3.2.0-Beta01
Reporter: Toshiya Kobayashi
Assignee: Boleslaw Dawidowicz
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm
(http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
18:04:16,922 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at
org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:56)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 142 more
18:04:17,007 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at
org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at
org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at
org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:56)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent
group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:05 a.m.
[
https://issues.jboss.org/browse/GTNPORTAL-2320?page=com.atlassian.jira.pl...
]
Toshiya Kobayashi updated GTNPORTAL-2320:
-----------------------------------------
Description:
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm
(http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
19:02:06,272 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at
org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:58)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:31)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at org.exoplatform.webui.core.UIApplication.processAction(UIApplication.java:131)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 137 more
19:02:06,346 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at
org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at
org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at
org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent
group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
was:
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm
(http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
18:04:16,922 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at
org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:56)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 142 more
18:04:17,007 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at
org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at
org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at
org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:56)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent
group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
Deleting a group causes IdentityException with openldap
-------------------------------------------------------
Key: GTNPORTAL-2320
URL: https://issues.jboss.org/browse/GTNPORTAL-2320
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.2.0-Beta01
Reporter: Toshiya Kobayashi
Assignee: Boleslaw Dawidowicz
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm
(http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
19:02:06,272 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at
org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:58)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:31)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at org.exoplatform.webui.core.UIApplication.processAction(UIApplication.java:131)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 137 more
19:02:06,346 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at
org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at
org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at
org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent
group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:09 a.m.
[
https://issues.jboss.org/browse/GTNPORTAL-2320?page=com.atlassian.jira.pl...
]
Toshiya Kobayashi updated GTNPORTAL-2320:
-----------------------------------------
Attachment: add_group_gtn_01.png
add_group_gtn_02.png
delete_group_01.png
Deleting a group causes IdentityException with openldap
-------------------------------------------------------
Key: GTNPORTAL-2320
URL: https://issues.jboss.org/browse/GTNPORTAL-2320
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.2.0-Beta01
Reporter: Toshiya Kobayashi
Assignee: Boleslaw Dawidowicz
Attachments: add_group_gtn_01.png, add_group_gtn_02.png, delete_group_01.png
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm
(http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
19:02:06,272 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at
org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:58)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:31)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at org.exoplatform.webui.core.UIApplication.processAction(UIApplication.java:131)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 137 more
19:02:06,346 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at
org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at
org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at
org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent
group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:58 a.m.
[
https://issues.jboss.org/browse/GTNPORTAL-2320?page=com.atlassian.jira.pl...
]
Patrice Lamarque commented on GTNPORTAL-2320:
---------------------------------------------
This issue is marked as resolved on EPP, but not on Gatein. How can we get the fix please
?
Deleting a group causes IdentityException with openldap
-------------------------------------------------------
Key: GTNPORTAL-2320
URL: https://issues.jboss.org/browse/GTNPORTAL-2320
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.2.0-Beta01
Reporter: Toshiya Kobayashi
Assignee: Boleslaw Dawidowicz
Attachments: add_group_gtn_01.png, add_group_gtn_02.png, delete_group_01.png
Deleting a group causes IdentityException with openldap.
- Setup openldap for idm
(http://community.jboss.org/wiki/GateInWithLDAPAsADefaultUserAndGroupStore)
- Login as root
- Go to 'Group Management'
- Add a new group "AAAA" under "Platform"
- Add a new group "BBBB" under "AAAA"
- Delete "BBBB"
{noformat}
19:02:06,272 INFO [GroupDAOImpl] Identity operation error:
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1240)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:1125)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.findIdentityObject(FallbackIdentityStoreRepository.java:967)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:946)
at
org.picketlink.idm.impl.api.session.managers.RelationshipManagerImpl.findAssociatedGroups(RelationshipManagerImpl.java:1006)
at
org.exoplatform.services.organization.idm.GroupDAOImpl.findGroups(GroupDAOImpl.java:489)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:123)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:58)
at
org.exoplatform.webui.core.lifecycle.UIApplicationLifecycle.processAction(UIApplicationLifecycle.java:31)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
at org.exoplatform.webui.core.UIApplication.processAction(UIApplication.java:131)
...
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object];
remaining name 'cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3066)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1309)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:133)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:128)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:854)
... 137 more
19:02:06,346 ERROR [portal:UIPortalApplication] Error during the processAction phase
org.picketlink.idm.common.exception.IdentityException: Identity object search failed.
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.findIdentityObject(LDAPIdentityStoreImpl.java:886)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.resolveRelationships(LDAPIdentityStoreImpl.java:1649)
at
org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl.getRelationshipsCount(LDAPIdentityStoreImpl.java:1570)
at
org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository.getRelationshipsCount(FallbackIdentityStoreRepository.java:1254)
at
org.picketlink.idm.impl.api.session.managers.RoleManagerImpl.getRolesCount(RoleManagerImpl.java:883)
at
org.exoplatform.services.organization.idm.IDMMembershipListAccess.getSize(IDMMembershipListAccess.java:173)
at
org.exoplatform.organization.webui.component.UIUserInGroup.setValues(UIUserInGroup.java:138)
at
org.exoplatform.organization.webui.component.UIGroupInfo.setGroup(UIGroupInfo.java:46)
at
org.exoplatform.organization.webui.component.UIGroupExplorer.changeGroup(UIGroupExplorer.java:141)
at
org.exoplatform.organization.webui.component.UIGroupManagement$DeleteGroupActionListener.execute(UIGroupManagement.java:160)
at org.exoplatform.webui.event.Event.broadcast(Event.java:89)
at org.exoplatform.webui.core.lifecycle.Lifecycle.processAction(Lifecycle.java:54)
at org.exoplatform.webui.core.UIComponent.processAction(UIComponent.java:133)
...
{noformat}
The group explorer keeps throwing this exception until you remove the parent
group('AAAA').
IDM seems to remove only a group but not a relationship??
I observe that the relationship remains in AAAA even though BBBB was removed.
{noformat}
dn: cn=AAAA,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
objectClass: top
objectClass: groupOfNames
cn: AAAA
member: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
member: cn=BBBB,ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com
{noformat}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
4483
days inactive
4755
days old
3 comments
3 participants
participants (3)
-
Patrice Lamarque (JIRA) -
Toshiya Kobayashi (Created) (JIRA)
-
Toshiya Kobayashi (Updated) (JIRA)