[midPoint] Error with password generation
Ivan Noris
ivan.noris at evolveum.com
Tue Jun 3 22:33:33 CEST 2014
Hi Deepak,
that's great to see/hear/read! I was playing hard with password policies
recently and have not seen the error you've stated, so I've had assumed
it has been already fixed. Thank you for confirmation!
Best regards,
Ivan
On 06/03/2014 02:02 PM, Deepak Natarajan wrote:
>
> Hi -
>
> I just realized that 3.0 has been released :) and installed the new
> version. This error seems to have vanished now!
>
> BR/Deepak
>
>> Deepak Natarajan <mailto:dnataraj at trilobytesystems.com>
>> June 3, 2014 at 11:19 AM
>>
>> Hi -
>>
>> We are still encountering an error when using a custom value policy
>> (This is for outward provisioning of users in Active Directory).
>>
>> This was *working* and seems to be broken in more recent builds of
>> 2.3-SNAPSHOT.
>>
>> The exception is :
>>
>> 2014-06-03 10:12:06,692 [] [midPointScheduler_Worker-5] ERROR
>> (com.evolveum.midpoint.model.util.AbstractSearchIterativeResultHandler):
>> Import of object shadow:cfb80cc6-d4ad-42ef-
>> afc0-ba391d0d06c0(brira) from
>> resource:036f0100-2fe8-49e1-a8fd-5548374f8703(APOS CSV Feeder
>> Resource Definition) failed:
>> java.lang.StringIndexOutOfBoundsException: String index out of range: 1
>> com.evolveum.midpoint.util.exception.SystemException:
>> java.lang.StringIndexOutOfBoundsException: String index out of range: 1
>> at
>> com.evolveum.midpoint.model.sync.SynchronizationService.notifyChange(SynchronizationService.java:258)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ChangeNotificationDispatcherImpl.notifyChange(ChangeNotificationDispatcherImpl.java:153)
>> ~[provisioning-impl-2.3-SNAPSHOT.jar:n
>> a]
>> at
>> com.evolveum.midpoint.model.sync.SynchronizeAccountResultHandler.handleObject(SynchronizeAccountResultHandler.java:165)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.util.AbstractSearchIterativeResultHandler.handle(AbstractSearchIterativeResultHandler.java:125)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl$5.handle(ProvisioningServiceImpl.java:1215)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ShadowCache$2.handle(ShadowCache.java:895)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter$2.handle(ResourceObjectConverter.java:622)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl$2.handle(ConnectorInstanceIcfImpl.java:1821)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> org.identityconnectors.framework.impl.api.StreamHandlerUtil$ObjectStreamHandlerAdapter.handle(StreamHandlerUtil.java:89)
>> [connector-framework-internal-1.4.0.0-SNAPSHOT
>> .jar:na]
>> at
>> org.identityconnectors.framework.impl.api.BufferedResultsProxy.invoke(BufferedResultsProxy.java:255)
>> [connector-framework-internal-1.4.0.0-SNAPSHOT.jar:na]
>> at
>> org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:94)
>> [connector-framework-internal-1.4.0.0-SNAPSHOT.jar:na]
>> at com.sun.proxy.$Proxy172.search(Unknown Source) [na:na]
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
>> Method) ~[na:1.7.0_21]
>> at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown
>> Source) ~[na:1.7.0_21]
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>> Source) ~[na:1.7.0_21]
>> at java.lang.reflect.Method.invoke(Unknown Source) ~[na:1.7.0_21]
>> at
>> org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:77)
>> [connector-framework-internal-1.4.0.0-SNAPSHOT.jar:na]
>> at com.sun.proxy.$Proxy172.search(Unknown Source) [na:na]
>> at
>> org.identityconnectors.framework.impl.api.AbstractConnectorFacade.search(AbstractConnectorFacade.java:173)
>> [connector-framework-internal-1.4.0.0-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.search(ConnectorInstanceIcfImpl.java:1857)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.searchResourceObjects(ResourceObjectConverter.java:627)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ShadowCache.searchObjectsIterativeInternal(ShadowCache.java:900)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ShadowCache.searchObjectsIterative(ShadowCache.java:763)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.searchObjectsIterative(ProvisioningServiceImpl.java:1261)
>> [provisioning-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.ModelObjectResolver.searchIterative(ModelObjectResolver.java:222)
>> [model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.util.AbstractSearchIterativeTaskHandler.run(AbstractSearchIterativeTaskHandler.java:155)
>> [model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeHandler(JobExecutor.java:473)
>> [task-quartz-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeSingleTask(JobExecutor.java:286)
>> [task-quartz-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.execute(JobExecutor.java:165)
>> [task-quartz-impl-2.3-SNAPSHOT.jar:na]
>> at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
>> [quartz-2.1.3.jar:na]
>> at
>> org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
>> [quartz-2.1.3.jar:na]
>> Caused by: java.lang.StringIndexOutOfBoundsException: String index
>> out of range: 1
>> at java.lang.String.substring(Unknown Source) ~[na:1.7.0_21]
>> at
>> com.evolveum.midpoint.common.policy.PasswordPolicyUtils.validatePassword(PasswordPolicyUtils.java:306)
>> ~[common-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.common.policy.PasswordPolicyUtils.validatePassword(PasswordPolicyUtils.java:147)
>> ~[common-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.projector.PasswordPolicyProcessor.processPasswordPolicy(PasswordPolicyProcessor.java:83)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.projector.PasswordPolicyProcessor.processPasswordPolicy(PasswordPolicyProcessor.java:144)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.projector.FocusProcessor.processFocusFocus(FocusProcessor.java:248)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.projector.FocusProcessor.processFocus(FocusProcessor.java:176)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.projector.Projector.project(Projector.java:153)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.Clockwork.click(Clockwork.java:199)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.lens.Clockwork.run(Clockwork.java:156)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.sync.SynchronizationService.reactToChange(SynchronizationService.java:611)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> at
>> com.evolveum.midpoint.model.sync.SynchronizationService.notifyChange(SynchronizationService.java:253)
>> ~[model-impl-2.3-SNAPSHOT.jar:na]
>> ... 30 common frames omitted
>>
>> <valuePolicy
>> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> oid="0c33054f-1c69-448b-b99b-a867d575e33e"
>> version="0">
>> <name>Vejle IDM Password Policy</name>
>> <description>Password Policy for the Vejle IDM
>> Infrastructure</description>
>> <lifetime>
>> <expiration>999</expiration>
>> <warnBeforeExpiration>9</warnBeforeExpiration>
>> <lockAfterExpiration>0</lockAfterExpiration>
>> <minPasswordAge>0</minPasswordAge>
>> <passwordHistoryLength>0</passwordHistoryLength>
>> </lifetime>
>> <stringPolicy>
>> <limitations>
>> <minLength>8</minLength>
>> <minUniqueChars>3</minUniqueChars>
>> <checkPattern/>
>> <limit>
>> <description>Lowercase characters</description>
>> <minOccurs>1</minOccurs>
>> <mustBeFirst>true</mustBeFirst>
>> <characterClass>
>> <value>abcdefghijklmnopqrstuvwxyz</value>
>> </characterClass>
>> </limit>
>> <limit>
>> <description>Uppercase characters</description>
>> <minOccurs>1</minOccurs>
>> <mustBeFirst>false</mustBeFirst>
>> <characterClass>
>> <value>ABCDEFGHIJKLMNOPQRSTUVWXYZ</value>
>> </characterClass>
>> </limit>
>> <limit>
>> <description>Numeric characters</description>
>> <minOccurs>1</minOccurs>
>> <mustBeFirst>false</mustBeFirst>
>> <characterClass>
>> <value>1234567890</value>
>> </characterClass>
>> </limit>
>> <limit>
>> <description>Special characters</description>
>> <minOccurs>1</minOccurs>
>> <mustBeFirst>false</mustBeFirst>
>> <characterClass>
>> <value>!"#$%&'()*+,-.:;<>?@[]^_`{|}~</value>
>> </characterClass>
>> </limit>
>> </limitations>
>> </stringPolicy>
>> </valuePolicy>
>>
>> This is a bit critical for us as we are unable to provision any users
>> for our testing phase. Could anyone please help?
>>
>> Also, if anyone could tell me how to test new policy's quickly (i.e
>> the maven test commands for that project - infra/common/policy) then
>> I could drop in my test policy and get to the root of the problem myself.
>>
>> Thanks!
>>
>> BR/
>
> --
> Deepak Natarajan
>
> Trilobyte Systems ApS
> Falkoner Alle 1, 3
> 2000 Frederiksberg
> Denmark
> +45 29375068
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer
evolveum.com
___________________________________________
"Idem per idem - semper idem Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20140603/9e22505d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: compose-unknown-contact.jpg
Type: image/jpeg
Size: 770 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20140603/9e22505d/attachment.jpg>
More information about the midPoint
mailing list