[midPoint] OpenLDAP, can't search users, NumberFormatException.

Sun Feb 4 23:30:27 CET 2018

Ok.

I downloaded Evolveum/connector-ldap from the github.
After some modifications in the source code and building the jar
it is working now.

In fact, there is a function in the connector: "Integer.ParseInt()"
which is checking LDAP input value.
If the value exceeds Java Integer datatype, it returns
"NumberFormatException" exception.

So you have been warned: don't store too big numbers in your LDAP.

Best regards,
WS!

W dniu 03.02.2018 o 15:10, Wojciech Staszewski pisze:
>
> Well, there are some inconsistencies between LDAP Integer and Java
> Integer format.
>
> LDAP:
>
> /RFC 4517, chap. 3.3.16 : 3.3.16. Integer A value of the Integer syntax
> is a //*whole number of *unlimited magnitude**//. The LDAP-specific encoding of a value of this syntax is the
> optionally signed decimal digit character string representation of the
> number (for example, the number 1321 is represented by the character
> string "1321")./
>
> As you can see, the maximum value of LDAP integer is practically
> *unlimited*.
> But if the connector recognizes the LDAP Integer value it uses Java
> integer for that which has hard limit: 2^31.
>
> What interesting, setting "long" in the connector schema to override
> that, does not work.
> I don't know if this is Java or connector issue, probably the connector.
>
> Can I do something with it without getting a Java doctorate?
>
> Regards
> WS
>
>
> W dniu 03.02.2018 o 12:27, Wojciech Staszewski pisze:
>>
>> Hello!
>>
>> I'm trying to configure OpenLDAP resource. I am using for the users
>> some other objectClasses, i.e: "sambaSamAccount".
>>
>> In the user section of SchemaHandling I added the auxiliaryObjectClasses:
>>
>> <auxiliaryObjectClass>ri:sambaSamAccount</auxiliaryObjectClass>
>>
>> But if I go to the resource and try to browse accounts I have an error:
>>
>> /Operation//*
>> operation.com.evolveum.midpoint.web.component.data.SelectableBeanObjectDataProvider.searchObjects*/
>>
>>
>> /Message//
>> //Couldn't list objects./
>>
>> /Error//
>> //Got unexpected exception: java.lang.NumberFormatException: For
>> input string: "87730534435"/
>>
>> The numeric value that is causing error comes from the
>> "sambaPwdMustChange" attribute from the "sambaSamAccount" object class.
>> This the only place in my LDAP where this particular value exists.
>>
>> In the schema section of resource configuration it was recognized as
>> Integer data type, as in the ldap schema extension this is integer:
>>
>> /attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange'//
>> //        DESC 'Timestamp of when the password will expire'//
>> //        EQUALITY integerMatch//
>> //        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )/
>>
>> I modifed the resource schema manually and set this attribute as
>> "long" and also tried "string" but the error is still the same.
>>
>> I tried to use different connector version, from 1.4.4 up to 1.5.1
>> and this not helped.
>> Midpoint version 3.7-post-fixes from yesterday's build.
>>
>> Any ideas?
>> Thanks a lot!
>> WS
>>
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
Wojciech Staszewski
Administrator Systemów Sieciowych
tel. kom: 663 680 236
www.diagnostyka.pl
Diagnostyka Sp. z o. o.
ul. Prof. M. Życzkowskiego 16, 31-864 Kraków
Numer KRS: 0000381559 (Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI Wydział Gospodarczy KRS)
NIP: 675-12-65-009; REGON: 356366975
Kapitał zakładowy: 33 756 500 zł.

Pomyśl o środowisku zanim wydrukujesz ten e-mail.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20180204/9449fe45/attachment.htm>