kylin-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "mathias kluba (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KYLIN-2305) Unable to use long searchBase/Pattern for LDAP
Date Tue, 20 Dec 2016 14:01:00 GMT
mathias kluba created KYLIN-2305:
------------------------------------

             Summary: Unable to use long searchBase/Pattern for LDAP
                 Key: KYLIN-2305
                 URL: https://issues.apache.org/jira/browse/KYLIN-2305
             Project: Kylin
          Issue Type: Bug
    Affects Versions: v1.6.0
            Reporter: mathias kluba


I try to use LDAP authentication.
I set the ldap.user.searchBase & ldap.user.searchPattern & ldap.user.groupSearchBase
I followed the documentation http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html

It crashed because of:
{code}
Failed to parse DN; nested exception is org.springframework.ldap.core.TokenMgrError: Lexical
error at line 1, column 38.  Encountered: "." (46), after : ""
{code}

I change the logger configuration to have debug to understand the query done using Spring
Security LdapTemplate.
It seems that it trim the value at column 38 and add "..."

I can't tell you my real AD path, but here is an example:
in kylin.properties:
{code}
 ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
{code}
Debug log:
{code}
2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] search.FilterBasedLdapUserSearch:107
: Searching for user 'mylogin', with user search [ searchFilter: '(sAMAccountName={0})', searchBase:
'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 0, derefLinkFlag:
false ]
{code}

I change the searchBase to be shorted (less than 38 char) and it seems that the bug is the
same with the searchPattern and the groupSearchBase.





--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message