[keycloak-dev] Error when the value of "UUID LDAP attribute" is the same of the "Username LDAP attribute"

Marek Posolda mposolda at redhat.com
Tue Jul 14 14:56:59 EDT 2015 

Thanks for reporting this. Feel free to create JIRA and assign it to me.

Thanks,
Marek

On 14.7.2015 20:24, Marcelo Arthur Sampaio wrote:
> Hi,
>
> I get this error when the value of "UUID LDAP attribute" is the same 
> of the  "Username LDAP attribute": Ex. "uid"
>
> Caused by: java.lang.NullPointerException
>     at 
> org.keycloak.models.cache.DefaultCacheUserProvider.getUserByUsername(DefaultCacheUserProvider.java:149) 
> [keycloak-invalidation-cache-model-1.3.1.Final.jar:1.3.1.Final]
>     at 
> org.keycloak.federation.ldap.LDAPFederationProvider.importLDAPUsers(LDAPFederationProvider.java:391)
>
> The method 
> org.keycloak.federation.ldap.LDAPUtils.getUsername(LDAPObject, LDAPConfig)
> dont return the username, because the attribute is not in the map.
>
> This occours because the uid is not added into the map of attributes.
>
> I looked at 
> org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.populateAttributedType(SearchResult, 
> Collection<String>) line 402:
>
>                 if 
> (ldapAttributeName.equalsIgnoreCase(getConfig().getUuidLDAPAttributeName())) 
> {
>                     Object uuidValue = ldapAttribute.get();
> ldapObject.setUuid(this.operationManager.decodeEntryUUID(uuidValue));
>                 } else {
>                     Set<String> attrValues = new TreeSet<>();
>                     NamingEnumeration<?> enumm = ldapAttribute.getAll();
>                     while (enumm.hasMoreElements()) {
>                         String attrVal = enumm.next().toString();
>                         attrValues.add(attrVal);
>                     } ...
>
>
> -
>
>
> "Esta mensagem do SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), 
> empresa pública federal regida pelo disposto na Lei Federal nº 5.615, 
> é enviada exclusivamente a seu destinatário e pode conter informações 
> confidenciais, protegidas por sigilo profissional. Sua utilização 
> desautorizada é ilegal e sujeita o infrator às penas da lei. Se você a 
> recebeu indevidamente, queira, por gentileza, reenviá-la ao emitente, 
> esclarecendo o equívoco."
>
> "This message from SERVIÇO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO) 
> -- a government company established under Brazilian law (5.615/70) -- 
> is directed exclusively to its addressee and may contain confidential 
> data, protected under professional secrecy rules. Its unauthorized use 
> is illegal and may subject the transgressor to the law's penalties. If 
> you're not the addressee, please send it back, elucidating the failure."
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-dev/attachments/20150714/baad555b/attachment.html

More information about the keycloak-dev mailing list