[midPoint] MidPoint + OpenLdap = InvalidKeyException

Radovan Semancik radovan.semancik at evolveum.com
Tue Apr 19 18:36:13 CEST 2016


Hi,

I have just noticed the same problem when running on Java 8. It looks 
like it is caused by some incompatibility of ConnId and Java 8. I will 
have a deeper look at that later: https://jira.evolveum.com/browse/MID-2892

In the meantime downgrading to Java 7 seems to be a workaround.

-- 
Radovan Semancik
Software Architect
evolveum.com



On 04/19/2016 04:08 PM, Rafael Marquez wrote:
> Hi,
>
> I'm trying to set up MidPoint with OpenLdap but when testing the 
> resource connection the following error appears:
>
> "Generic connector error for the 
> resource:d0811790-1d80-11e4-86b2-3c970e467874(OpenLDAP): 
> java.security.InvalidKeyException: Illegal key size"
>
>
> Java version: 1.8.0_72
>
> Server: Apache Tomcat 8.0.30
>
> OS: Ubuntu 14.04 LTS 64-bit
>
> Midpoint connectorType: com.evolveum.polygon.connector.ldap.LdapConnector
>
> OpenLdap: Docker container using "dinkel/openldap" image using Debian 
> “jessie” and openldap 2.4.40.
>
>
> I've tested Openldap container using Apache Directory Studio and I 
> managed to create Organizational units and People without problem. 
> Used default password "mysecretpassword"
>
>
> Any idea?
>
>
> Exception output from Midpoint front end:
>
> <operationResult 
> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>  xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
>  xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>  xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>  xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
>  xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">
>  <operation>com.evolveum.midpoint.provisioning.ucf.api.ConnectorInstance.configure</operation>
>    <status>fatal_error</status>
>    <params>
>       <entry key="configuration">
>          <unknownJavaObject>
> <class>com.evolveum.midpoint.prism.PrismContainerValue</class>
> <toString>PCV(null):[PC({http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3}resultsHandlerConfiguration):[PCV(null):[PP({.../connector/icf-1/connector-schema-3}enableNormalizingResultsHandler):[PPV(Boolean:false)], 
> PP({.../connector/icf-1/connector-schema-3}enableFilteredResultsHandler):[PPV(Boolean:false)], 
> PP({.../connector/icf-1/connector-schema-3}enableAttributesToGetSearchResultsHandler):[PPV(Boolean:false)]]], 
> PC({http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3}configurationProperties):[PCV(null):[PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}bindPassword):[PPV(ProtectedStringType:ProtectedStringType(encrypted=EncryptedDataType(encryptionMethod=EncryptionMethodType(algorithm=http://www.w3.org/2001/04/xmlenc#aes128-cbc), 
> keyInfo=KeyInfoType(keyName=x032KTDe5pheYvv7EqrmSWu+FPI=), 
> cipherData=CipherDataType(cipherValue=[48 bytes]))))], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}vlvSortOrderingRule):[PPV(String:2.5.13.3)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}operationalAttributes):[PPV(String:memberOf), 
> PPV(String:createTimestamp)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}bindDn):[PPV(String:cn=admin,dc=ldap,dc=example,dc=org)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}host):[PPV(String:localhost)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}passwordHashAlgorithm):[PPV(String:SSHA)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}vlvSortAttribute):[PPV(String:uid)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}pagingStrategy):[PPV(String:auto)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}port):[PPV(Integer:389)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}usePermissiveModify):[PPV(String:always)], 
> PP({.../connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector}baseContext):[PPV(String:dc=ldap,dc=example,dc=org)]]]]</toString>
>          </unknownJavaObject>
>       </entry>
>    </params>
>    <token>1000000000000000216</token>
>    <message>java.security.InvalidKeyException: Illegal key size</message>
>    <details>java.lang.RuntimeException: 
> java.security.InvalidKeyException: Illegal key size
> org.identityconnectors.common.security.impl.EncryptorImpl.encrypt(EncryptorImpl.java:95)
> org.identityconnectors.common.security.GuardedString.encryptBytes(GuardedString.java:266)
> org.identityconnectors.common.security.GuardedString.encryptChars(GuardedString.java:242)
> org.identityconnectors.common.security.GuardedString.<init>(GuardedString.java:91)
> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.toGuardedString(ConnectorInstanceIcfImpl.java:3276)
> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.convertToIcf(ConnectorInstanceIcfImpl.java:3234)
> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.convertToIcfSingle(ConnectorInstanceIcfImpl.java:3213)
> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.transformConnectorConfiguration(ConnectorInstanceIcfImpl.java:3067)
> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.transformConnectorConfiguration(ConnectorInstanceIcfImpl.java:2997)
> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.configure(ConnectorInstanceIcfImpl.java:290)
> com.evolveum.midpoint.provisioning.impl.ConnectorManager.createConfiguredConnectorInstance(ConnectorManager.java:157)
> com.evolveum.midpoint.provisioning.impl.ConnectorManager.getConfiguredConnectorInstance(ConnectorManager.java:129)
> com.evolveum.midpoint.provisioning.impl.ResourceManager.getConnectorInstance(ResourceManager.java:813)
> com.evolveum.midpoint.provisioning.impl.ResourceManager.completeResource(ResourceManager.java:272)
> com.evolveum.midpoint.provisioning.impl.ResourceManager.loadAndCacheResource(ResourceManager.java:162)
> com.evolveum.midpoint.provisioning.impl.ResourceManager.getResource(ResourceManager.java:155)
> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.getObject(ProvisioningServiceImpl.java:207)
> com.evolveum.midpoint.model.impl.ModelObjectResolver.getObject(ModelObjectResolver.java:157)
> com.evolveum.midpoint.model.impl.controller.ModelController.getObject(ModelController.java:263)
> sun.reflect.GeneratedMethodAccessor527.invoke(Unknown Source)
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> java.lang.reflect.Method.invoke(Method.java:498)
> org.apache.wicket.proxy.LazyInitProxyFactory$JdkHandler.invoke(LazyInitProxyFactory.java:507)
> com.sun.proxy.$Proxy150.getObject(Unknown Source)
> com.evolveum.midpoint.gui.api.util.WebModelServiceUtils.loadObject(WebModelServiceUtils.java:175)
> com.evolveum.midpoint.web.page.admin.resources.PageResource.loadResource(PageResource.java:159)
> com.evolveum.midpoint.web.page.admin.resources.PageResource.access$000(PageResource.java:86)
> com.evolveum.midpoint.web.page.admin.resources.PageResource$1.load(PageResource.java:139)
> com.evolveum.midpoint.web.page.admin.resources.PageResource$1.load(PageResource.java:135)
> com.evolveum.midpoint.gui.api.model.LoadableModel.getObject(LoadableModel.java:58)
> com.evolveum.midpoint.web.page.admin.resources.PageResource.initLayout(PageResource.java:169)
> com.evolveum.midpoint.web.page.admin.resources.PageResource.initialize(PageResource.java:143)
> com.evolveum.midpoint.web.page.admin.resources.PageResource.<init>(PageResource.java:124)
> sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> java.lang.reflect.Constructor.newInstance(Constructor.java:423)
> org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:171)
> org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:99)
> org.apache.wicket.DefaultMapperContext.newPageInstance(DefaultMapperContext.java:106)
> org.apache.wicket.core.request.handler.PageProvider.resolvePageInstance(PageProvider.java:271)
> org.apache.wicket.core.request.handler.PageProvider.getPageInstance(PageProvider.java:169)
> org.apache.wicket.request.handler.render.PageRenderer.getPage(PageRenderer.java:78)
> org.apache.wicket.request.handler.render.WebPageRenderer.isPageStateless(WebPageRenderer.java:287)
> org.apache.wicket.request.handler.render.WebPageRenderer.shouldRenderPageAndWriteResponse(WebPageRenderer.java:329)
> org.apache.wicket.request.handler.render.WebPageRenderer.respond(WebPageRenderer.java:193)
> org.apache.wicket.core.request.handler.RenderPageRequestHandler.respond(RenderPageRequestHandler.java:175)
> org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:865)
> org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
> org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:265)
> org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:222)
> org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
> org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
> org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
> org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
> org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:125)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
> org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
> org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
> org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
> org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
> org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> com.evolveum.midpoint.web.util.MidPointProfilingServletFilter.doFilter(MidPointProfilingServletFilter.java:86)
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521)
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096)
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674)
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> java.lang.Thread.run(Thread.java:745)
> </details>
> </operationResult>
>
>
> Thank you in advance!
>
>
> All the best,
>
> Rafa
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

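A check for the error reported in this thread, added here as an example and not code from midPoint, ConnId or either poster: the JCE raises `InvalidKeyException: Illegal key size` when a cipher is initialised with a key longer than the JVM's installed jurisdiction policy permits, so this probe reports which AES key sizes the running JVM accepts. The class name `AesKeySizeCheck` is hypothetical, and whether a policy limit is what triggers the failure inside ConnId is an assumption the thread does not confirm.

```java
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/** Added diagnostic (hypothetical class, not midPoint or ConnId code). */
public class AesKeySizeCheck {

    /** True if this JVM's crypto policy lets AES/CBC initialise with a key of keyBits. */
    static boolean aesKeyAccepted(int keyBits) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] key = new byte[keyBits / 8]; // throwaway random key, constructed for the probe
        byte[] iv = new byte[16];           // AES block size
        rng.nextBytes(key);
        rng.nextBytes(iv);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        try {
            cipher.init(Cipher.ENCRYPT_MODE,
                    new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
            cipher.doFinal("probe".getBytes("UTF-8"));
            return true;
        } catch (InvalidKeyException e) {
            // A policy limit below keyBits surfaces here as "Illegal key size"
            System.out.println("  " + keyBits + "-bit key: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Identify exactly which JVM is answering, since several may be installed
        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("java.home    = " + System.getProperty("java.home"));

        int max = Cipher.getMaxAllowedKeyLength("AES");
        System.out.println("max allowed AES key length = "
                + (max == Integer.MAX_VALUE ? "unlimited" : max + " bits"));

        boolean allOk = true;
        for (int bits : new int[] {128, 192, 256}) {
            boolean ok = aesKeyAccepted(bits);
            System.out.println("AES-" + bits + " " + (ok ? "accepted" : "REJECTED"));
            allOk &= ok;
        }
        System.exit(allOk ? 0 : 1); // non-zero exit if any size is refused
    }
}
```

Compile and run it with the same `java` binary that starts Tomcat, since the policy files belong to the JVM installation rather than to the application.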
