directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patricio Demitrio <pdemit...@scoop-gmbh.de>
Subject Re: [ApacheDS] Never reaching PasswordPolicyImpl in custom server
Date Thu, 21 Feb 2013 11:32:22 GMT
That code is my original server configuration. Searching in the log file
(the really big one), I can see how the password policy is loaded. Here are
some random entries, just to give you an idea:
-
2013.02.21 10:49:45,239 DEBUG [main]
org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry
[] - registered ads-passwordPolicy for OID 1.3.6.1.4.1.18060.0.4.1.3.900
2013.02.21 10:49:45,239 DEBUG [main]
org.apache.directory.api.ldap.model.schema.registries.Registries [] -
registered ads-passwordPolicy for OID 1.3.6.1.4.1.18060.0.4.1.3.900
2013.02.21 10:50:00,437 DEBUG [main]
org.apache.directory.server.config.ConfigPartitionReader [] - Reading from
'ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config',
objectClass 'ads-passwordPolicy'
2013.02.21 10:50:00,439 DEBUG [main]
org.apache.directory.server.config.ConfigPartitionReader [] - The top level
object class is ads-passwordPolicy
2013.02.21 10:50:00,439 DEBUG [main]
org.apache.directory.server.config.ConfigPartitionReader [] - Bean
org.apache.directory.server.config.beans.PasswordPolicyBean created for
ObjectClass ads-passwordPolicy
change password policy category count : 0
      change password policy password length : 0
      change password policy token size : 0




On Thu, Feb 21, 2013 at 12:26 PM, Kiran Ayyagari <kayyagari@apache.org>wrote:

> On Thu, Feb 21, 2013 at 4:42 PM, Patricio Demitrio
> <pdemitrio@scoop-gmbh.de>wrote:
>
> > I added it. Here's my code:
> > -------------
> > configPartition = new SingleFileLdifPartition( schemaManager );
> > configPartition.setId( "config" );
> > configPartition.setPartitionPath( confFile.toURI() );
> > configPartition.setSuffixDn( new Dn( schemaManager, "ou=config" ) );
> > configPartition.setSchemaManager( schemaManager );
> > configPartition.initialize();
> >
> > cpReader = new ConfigPartitionReader( configPartition );
> >
> > configBean = cpReader.readConfig();
> >
> > service.addPartition(configPartition);
> >
> > the config.ldif file I'm using is the one that comes by default with
> apache
> > ds
> >
> > and still you are not able to read password policy configuration?
>
> > Thanks
> >
> >
> > On Thu, Feb 21, 2013 at 12:08 PM, Kiran Ayyagari <kayyagari@apache.org
> > >wrote:
> >
> > > are you using an embedded server? if yes then the config partition is
> not
> > > available unless you add it
> > >
> > > On Thu, Feb 21, 2013 at 4:31 PM, Patricio Demitrio
> > > <pdemitrio@scoop-gmbh.de>wrote:
> > >
> > > > Hi, I'm trying to access the password policy options with a custom
> > server
> > > > installation and I'm not able to reach it. I'm able to reach it with
> a
> > > > normal ldap server
> > > >
> > > > I have both complete log files (Over 1GB) so if someone can help me,
> I
> > > can
> > > > look up the precise point where I'm making the error. Here I'm
> copying
> > > the
> > > > moment where the user logs to the system and the password policy
> > options
> > > > are not loading. Both users have the same attributes
> > > >
> > > > Here's the log file in a normal apacheds server:
> > > >
> > > >
> > >
> >
> -----------------------------------------------------------------------------
> > > > [15:52:41] DEBUG
> > > [org.apache.directory.server.core.DefaultOperationManager]
> > > > - >> BindOperation : BindContext for Dn
> 'uid=user1,dc=example,dc=com',
> > > > credentials <0x70 0x61 0x73 0x73 0x77 0x6F 0x72 0x64 >
> > > > [15:52:41] DEBUG
> > > > [org.apache.directory.server.core.authn.AuthenticationInterceptor] -
> > > > Operation Context: BindContext for Dn 'uid=user1,dc=example,dc=com',
> > > > credentials <0x70 0x61 0x73 0x73 0x77 0x6F 0x72 0x64 >
> > > > [15:52:41] DEBUG
> > > > [org.apache.directory.server.core.authn.AbstractAuthenticator] -
> > > > Authenticating uid=user1,dc=example,dc=com
> > > > [15:52:41] DEBUG
> > > > [org.apache.directory.server.core.authn.AbstractAuthenticator] -
> > checking
> > > > if account with the Dn uid=user1,dc=example,dc=com is locked
> > > > [15:52:41] DEBUG
> > > >
> > > >
> > >
> >
> [org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry]
> > > > - Found ATTRIBUTE_TYPE ( 1.3.6.1.4.1.42.2.27.8.1.17
> > > >  NAME 'pwdAccountLockedTime'
> > > >  DESC The time an user account was locked
> > > >  EQUALITY generalizedTimeMatch
> > > >  ORDERING generalizedTimeOrderingMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
> > > >  SINGLE-VALUE
> > > >  NO-USER-MODIFICATION
> > > >  USAGE directoryOperation
> > > >  )
> > > >  with oid: pwdaccountlockedtime
> > > > [15:52:41] DEBUG
> > > >
> > > >
> > >
> >
> [org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry]
> > > > - Found ATTRIBUTE_TYPE ( 1.3.6.1.4.1.42.2.27.8.1.27
> > > >  NAME 'pwdStartTime'
> > > >  DESC The time the password becomes enabled
> > > >  EQUALITY generalizedTimeMatch
> > > >  ORDERING generalizedTimeOrderingMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
> > > >  SINGLE-VALUE
> > > >  NO-USER-MODIFICATION
> > > >  USAGE directoryOperation
> > > >  )
> > > >  with oid: pwdstarttime
> > > > [15:52:41] DEBUG
> > > >
> > > >
> > >
> >
> [org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry]
> > > > - Found ATTRIBUTE_TYPE ( 1.3.6.1.4.1.42.2.27.8.1.28
> > > >  NAME 'pwdEndTime'
> > > >  DESC The time the password becomes disabled
> > > >  EQUALITY generalizedTimeMatch
> > > >  ORDERING generalizedTimeOrderingMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.24
> > > >  SINGLE-VALUE
> > > >  NO-USER-MODIFICATION
> > > >  USAGE directoryOperation
> > > >  )
> > > >  with oid: pwdendtime
> > > > [15:52:41] DEBUG
> > > >
> > > >
> > >
> >
> [org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry]
> > > > - Found ATTRIBUTE_TYPE ( 2.5.4.35
> > > >  NAME 'userPassword'
> > > >  DESC RFC2256/2307: password of user
> > > >  EQUALITY octetStringMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
> > > >  USAGE userApplications
> > > >  )
> > > >  with oid: userpassword
> > > > [15:52:41] DEBUG
> > > > [org.apache.directory.server.core.authn.AbstractAuthenticator] -
> > > > uid=user1,dc=example,dc=com Authenticated
> > > > [15:52:41] DEBUG
> > > >
> > > >
> > >
> >
> [org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry]
> > > > - Found ATTRIBUTE_TYPE ( 2.5.4.0
> > > >  NAME 'objectClass'
> > > >  DESC RFC2256: object classes of the entity
> > > >  EQUALITY objectIdentifierMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
> > > >  USAGE userApplications
> > > >  )
> > > >  with oid: objectclass
> > > > [15:52:41] DEBUG
> > > [org.apache.directory.server.core.DefaultOperationManager]
> > > > - << BindOperation successful
> > > > [15:52:41] DEBUG
> > > >
> [org.apache.directory.server.ldap.handlers.request.BindRequestHandler]
> > -
> > > > Returned SUCCESS message: MessageType : BIND_RESPONSE
> > > > Message ID : 1
> > > >     BindResponse
> > > >         Ldap Result
> > > >             Result code : (SUCCESS) success
> > > >             Matched Dn : 'null'
> > > >             Diagnostic message : 'null'
> > > >
> > > >
> > >
> >
> org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl@3ddcc4cdorg.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl
> > > > @3ddcc4cd.
> > > > [15:52:41] DEBUG [org.apache.mina.core.filterchain.IoFilterEvent] -
> > Event
> > > > MESSAGE_RECEIVED has been fired for session 2
> > > > [15:52:41] DEBUG
> > > > [org.apache.directory.server.ldap.handlers.LdapResponseHandler] -
> > Message
> > > > Sent : MessageType : BIND_RESPONSE
> > > > Message ID : 1
> > > >     BindResponse
> > > >         Ldap Result
> > > >             Result code : (SUCCESS) success
> > > >             Matched Dn : 'null'
> > > >             Diagnostic message : 'null'
> > > >
> > > >
> > >
> >
> org.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl@3ddcc4cdorg.apache.directory.api.ldap.extras.controls.ppolicy.PasswordPolicyImpl
> > > > @3ddcc4cd
> > > >
> > > >
> > >
> >
> --------------------------------------------------------------------------------------
> > > >
> > > > And here's my log file:
> > > >
> > > >
> > >
> >
> ----------------------------------------------------------------------------------------
> > > > 2013.02.21 11:08:03,002 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.server.core.DefaultOperationManager [] - >>
> > > > BindOperation : BindContext for Dn 'uid=00000004,dc=company,dc=com',
> > > > credentials <0x70 0x77 0x64 0x2D 0x6D 0x6A 0x61 0x63 0x6B 0x73 0x6F
> > 0x6E
> > > >
> > > > 2013.02.21 11:08:03,003 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.server.core.authn.AuthenticationInterceptor [] -
> > > > Operation Context: BindContext for Dn
> 'uid=00000004,dc=company,dc=com',
> > > > credentials <0x70 0x77 0x64 0x2D 0x6D 0x6A 0x61 0x63 0x6B 0x73 0x6F
> > 0x6E
> > > >
> > > > 2013.02.21 11:08:03,003 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.server.core.authn.AbstractAuthenticator [] -
> > > > Authenticating uid=00000004,dc=company,dc=com
> > > > 2013.02.21 11:08:03,003 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.api.ldap.model.schema.comparators.UuidComparator
> > []
> > > -
> > > > comparing UUID objects '14752f4b-6106-4ac6-8c22-4557794858f8' with
> > > > '15ae738f-dccc-4a72-af03-0476fd644802'
> > > > 2013.02.21 11:08:03,003 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.api.ldap.model.schema.comparators.UuidComparator
> > []
> > > -
> > > > comparing UUID objects '14752f4b-6106-4ac6-8c22-4557794858f8' with
> > > > '14752f4b-6106-4ac6-8c22-4557794858f8'
> > > > 2013.02.21 11:08:03,003 DEBUG [pool-4-thread-1]
> > > >
> > > >
> > >
> >
> org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry
> > > > [] - Found ATTRIBUTE_TYPE ( 2.5.4.35
> > > >  NAME 'userPassword'
> > > >  DESC RFC2256/2307: password of user
> > > >  EQUALITY octetStringMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.40
> > > >  USAGE userApplications
> > > >  )
> > > >  with oid: userpassword
> > > > 2013.02.21 11:08:03,005 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.server.core.authn.AbstractAuthenticator [] -
> > > > uid=00000004,dc=company,dc=com Authenticated
> > > > 2013.02.21 11:08:03,005 DEBUG [pool-4-thread-1]
> > > >
> > > >
> > >
> >
> org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry
> > > > [] - Found ATTRIBUTE_TYPE ( 2.5.4.0
> > > >  NAME 'objectClass'
> > > >  DESC RFC2256: object classes of the entity
> > > >  EQUALITY objectIdentifierMatch
> > > >  SYNTAX 1.3.6.1.4.1.1466.115.121.1.38
> > > >  USAGE userApplications
> > > >  )
> > > >  with oid: objectclass
> > > > 2013.02.21 11:08:03,005 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.server.core.DefaultOperationManager [] - <<
> > > > BindOperation successful
> > > > 2013.02.21 11:08:03,006 DEBUG [pool-4-thread-1]
> > > > org.apache.directory.server.ldap.handlers.request.BindRequestHandler
> > [] -
> > > > Returned SUCCESS message: MessageType : BIND_RESPONSE
> > > > Message ID : 1
> > > >     BindResponse
> > > >         Ldap Result
> > > >             Result code : (SUCCESS) success
> > > >             Matched Dn : 'null'
> > > >             Diagnostic message : 'null'
> > > > .
> > > > 2013.02.21 11:08:03,006 DEBUG [pool-4-thread-1]
> > > > org.apache.mina.core.filterchain.IoFilterEvent [] - Event
> > > MESSAGE_RECEIVED
> > > > has been fired for session 2
> > > > 2013.02.21 11:08:03,006 DEBUG [NioProcessor-3]
> > > > org.apache.directory.server.ldap.handlers.LdapResponseHandler [] -
> > > Message
> > > > Sent : MessageType : BIND_RESPONSE
> > > > Message ID : 1
> > > >     BindResponse
> > > >         Ldap Result
> > > >             Result code : (SUCCESS) success
> > > >             Matched Dn : 'null'
> > > >             Diagnostic message : 'null'
> > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------------------------------------------------
> > > >
> > > >
> > > > Thanks in advance
> > > > Patricio
> > > >
> > >
> > >
> > >
> > > --
> > > Kiran Ayyagari
> > > http://keydap.com
> > >
> >
>
>
>
> --
> Kiran Ayyagari
> http://keydap.com
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message