[keycloak-dev] Error when the value of "UUID LDAP attribute" is the same of the "Username LDAP attribute"

Tue Jul 14 14:24:14 EDT 2015

Hi,

I get this error when the value of "UUID LDAP attribute" is the same of the  "Username LDAP attribute": Ex. "uid"

Caused by: java.lang.NullPointerException
    at org.keycloak.models.cache.DefaultCacheUserProvider.getUserByUsername(DefaultCacheUserProvider.java:149) [keycloak-invalidation-cache-model-1.3.1.Final.jar:1.3.1.Final]
    at org.keycloak.federation.ldap.LDAPFederationProvider.importLDAPUsers(LDAPFederationProvider.java:391)

The method org.keycloak.federation.ldap.LDAPUtils.getUsername(LDAPObject, LDAPConfig)
dont return the username, because the attribute is not in the map.

This occours because the uid is not added into the map of attributes.

I looked at  org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.populateAttributedType(SearchResult, Collection<String>) line 402:

                if (ldapAttributeName.equalsIgnoreCase(getConfig().getUuidLDAPAttributeName())) {
                    Object uuidValue = ldapAttribute.get();
                    ldapObject.setUuid(this.operationManager.decodeEntryUUID(uuidValue));
                } else {
                    Set<String> attrValues = new TreeSet<>();
                    NamingEnumeration<?> enumm = ldapAttribute.getAll();
                    while (enumm.hasMoreElements()) {
                        String attrVal = enumm.next().toString();
                        attrValues.add(attrVal);
                    } ...

-

"Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), empresa pública federal regida pelo disposto na Lei Federal nº 5.615, é enviada exclusivamente a seu destinatário e pode conter informações confidenciais, protegidas por sigilo profissional. Sua utilização desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, esclarecendo o equívoco."

"This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) -- a government company established under Brazilian law (5.615/70) -- is directed exclusively to its addressee and may contain confidential data, protected under professional secrecy rules. Its unauthorized use is illegal and may subject the transgressor to the law's penalties. If you're not the addressee, please send it back, elucidating the failure."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150714/33585202/attachment.html 