Directory Client API
  1. Directory Client API
  2. DIRAPI-156

LdapNetworkConnection.addSchema doesn't register attribute types

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.0.0-M20
    • Fix Version/s: 1.0.0-M22
    • Labels:
      None

      Description

      I'm loading schema with code like:

      con.loadSchema(new JarLdifSchemaLoader());
      con.addSchema("custom.schema");

      Later an exception is thrown while I'm handling some search results. The entry in question looks like:

      dn: cn=ICRCSSTAccess,ou=Roles,o=jaas,dc=xoint,dc=net
      objectClass: groupOfNames
      cn: ICRCSSTAccess
      member: uid=gturner,ou=people,dc=xoint,dc=net
      member: uuid=98bb35ee-9ff3-444f-9925-7fe762810d50,o=Asus,ou=customers,dc=xoint,dc=net

      The code where the exception is thrown looks like:

      Attribute memberAttribute = entry.get("member");
      if (memberAttribute != null)
      for (Iterator<Value<?>> iterator = memberAttribute.iterator();
      iterator.hasNext()

      { @SuppressWarnings("unchecked") Value<String> value = (Value<String>) iterator.next(); String member = value.getValue(); Dn memberDn = new Dn(context.getSchemaManager(), member); members.add(memberDn); }

      It is the Dn instantiation that throws the following stacktrace:

      org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04188 The type cannot be empty or null
      at org.apache.directory.api.ldap.model.name.Dn.atavOidToName(Dn.java:1106)
      at org.apache.directory.api.ldap.model.name.Dn.rdnOidToName(Dn.java:1143)
      at org.apache.directory.api.ldap.model.name.Rdn.apply(Rdn.java:454)
      at org.apache.directory.api.ldap.model.name.Dn.apply(Dn.java:1202)
      at org.apache.directory.api.ldap.model.name.Dn.apply(Dn.java:1281)
      at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:287)
      at net.xoint.usermanager.model.Role.<init>(Role.java:45)
      at net.xoint.usermanager.model.LDAPLoader.loadRoles(LDAPLoader.java:75)
      at net.xoint.usermanager.model.LDAPLoader.load(LDAPLoader.java:52)
      at net.xoint.usermanager.UserManagerTest.test2(UserManagerTest.java:134)
      Caused by: org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04188 The type cannot be empty or null
      at org.apache.directory.api.ldap.model.name.Ava.apply(Ava.java:476)
      at org.apache.directory.api.ldap.model.name.Dn.atavOidToName(Dn.java:1100)
      ... 36 more
      Caused by: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: ERR_04269 ATTRIBUTE_TYPE for OID 1.3.6.1.4.1.38541.2.1.3 do\
      es not exist!
      at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:293)
      at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:47)
      at org.apache.directory.api.ldap.schemamanager.impl.DefaultSchemaManager.lookupAttributeTypeRegistry(DefaultSchemaManager.java:1604)
      at org.apache.directory.api.ldap.model.name.Ava.apply(Ava.java:470)
      ... 37 more
      Caused by: org.apache.directory.api.ldap.model.exception.LdapException: ERR_04269 ATTRIBUTE_TYPE for OID 1.3.6.1.4.1.38541.2.1.3 does not exist!
      at org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry.lookup(DefaultSchemaObjectRegistry.java:176)
      at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:289)
      ... 40 more

      OID 1.3.6.1.4.1.38541.2.1.3 is the uuid attribute that is part of a member DN. "custom.schema" defines it as follows:

      attributetype ( 1.3.6.1.4.1.38541.2.1.3
      NAME 'uuid'
      DESC 'The customer UUID'
      EQUALITY UUIDMatch
      SYNTAX 1.3.6.1.1.16.1
      SINGLE-VALUE )

      While scrutinizing the source, looking for why this attribute wouldn't be found in the DefaultSchemaObjectRegistry#byName Map for the AttributeTypeRegistry, I'm beginning to suspect that somewhere around where LdapNetworkConnection#addSchema is calling AttributeTypeRegistry#addMappingFor, it hasn't quite finished the job, perhaps something like calling AttributeTypeRegistry#register (which seems to be the only method that put's into the byName Map).

      Mailing List reference: https://mail-archives.apache.org/mod_mbox/directory-api/201308.mbox/%3C87eh9mhl46.fsf@zoth-ommog.unzane.com%3E

      1. DIRAPI-156.patch
        2 kB
        Gerald Turner

        Activity

        Gerald Turner created issue -
        Hide
        Gerald Turner added a comment -

        Sorry if the use of UUID in a DN made this analysis too complex - it happens to be the quickest path to an exception.

        In another example, if re-work the client to ignore instantiating a Dn containg this custom uuid attribute, and instead try to search other entries that have custom attributes that are not part of the DN, the API emits log messages about the type not existing, and fetching the attributes return null.

        Schema:

        attributetype ( 1.3.6.1.4.1.38541.2.1.100
        NAME 'requiredRole'
        DESC 'Required Roles for a company unit'
        SUP 2.5.4.49 )

        attributetype ( 1.3.6.1.4.1.38541.2.1.101
        NAME 'optionalRole'
        DESC 'Optional Role for a company unit'
        SUP distinguishedName )

        objectclass ( 1.3.6.1.4.1.38541.2.2.2
        NAME 'customerOrganization'
        DESC 'XOI Customer Organization Object reference'
        SUP organization
        MUST ( cn $ o )
        MAY ( optionalRole $ requiredRole ) )

        Entry:

        dn: o=Asus,ou=customers,dc=xoint,dc=net
        objectClass: customerOrganization
        o: Asus
        cn: Asus International ICR
        requiredRole: cn=Application1787,ou=roles,o=jaas,dc=xoint,dc=net
        requiredRole: cn=ICRCSSTAccess,ou=roles,o=jaas,dc=xoint,dc=net
        optionalRole: cn=ICRCSSTReadOnly,ou=roles,o=jaas,dc=xoint,dc=net
        optionalRole: cn=ICRCSSTRestrictDNISGroup,ou=roles,o=jaas,dc=xoint,dc=net

        Log output:

        10:48:52,821 WARN [org.apache.directory.api.ldap.model.entry.DefaultEntry] (NioProcessor-1) The attribute 'optionalrole' cannot be stored
        10:48:52,824 ERROR [org.apache.directory.api.ldap.model.entry.DefaultEntry] (main) ERR_04269 ATTRIBUTE_TYPE for OID requiredrole does not exist!
        10:48:52,825 ERROR [org.apache.directory.api.ldap.model.entry.DefaultEntry] (main) ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist!
        10:48:52,822 WARN [org.apache.directory.ldap.client.api.LdapNetworkConnection] (NioProcessor-1) ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist!: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist!
        at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:293) [:]
        at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:1) [:]
        at org.apache.directory.api.ldap.schemamanager.impl.DefaultSchemaManager.lookupAttributeTypeRegistry(DefaultSchemaManager.java:1604) [:]
        at org.apache.directory.api.ldap.model.entry.DefaultEntry.<init>(DefaultEntry.java:311) [:]
        at org.apache.directory.ldap.client.api.LdapNetworkConnection.messageReceived(LdapNetworkConnection.java:2099) [:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) [mina-core-2.0.7.jar:]
        at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:407) [mina-core-2.0.7.jar:]
        at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:236) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) [mina-core-2.0.7.jar:]
        at org.apache.mina.filter.ssl.SslHandler.flushScheduledEvents(SslHandler.java:322) [mina-core-2.0.7.jar:]
        at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:497) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:410) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:710) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:664) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:653) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:67) [mina-core-2.0.7.jar:]
        at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1124) [mina-core-2.0.7.jar:]
        at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64) [mina-core-2.0.7.jar:]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) [rt.jar:1.7.0_09]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) [rt.jar:1.7.0_09]
        at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_09]
        Caused by: org.apache.directory.api.ldap.model.exception.LdapException: ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist!
        at org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry.lookup(DefaultSchemaObjectRegistry.java:176) [:]
        at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:289) [:]
        ... 30 more

        Show
        Gerald Turner added a comment - Sorry if the use of UUID in a DN made this analysis too complex - it happens to be the quickest path to an exception. In another example, if re-work the client to ignore instantiating a Dn containg this custom uuid attribute, and instead try to search other entries that have custom attributes that are not part of the DN, the API emits log messages about the type not existing, and fetching the attributes return null. Schema: attributetype ( 1.3.6.1.4.1.38541.2.1.100 NAME 'requiredRole' DESC 'Required Roles for a company unit' SUP 2.5.4.49 ) attributetype ( 1.3.6.1.4.1.38541.2.1.101 NAME 'optionalRole' DESC 'Optional Role for a company unit' SUP distinguishedName ) objectclass ( 1.3.6.1.4.1.38541.2.2.2 NAME 'customerOrganization' DESC 'XOI Customer Organization Object reference' SUP organization MUST ( cn $ o ) MAY ( optionalRole $ requiredRole ) ) Entry: dn: o=Asus,ou=customers,dc=xoint,dc=net objectClass: customerOrganization o: Asus cn: Asus International ICR requiredRole: cn=Application1787,ou=roles,o=jaas,dc=xoint,dc=net requiredRole: cn=ICRCSSTAccess,ou=roles,o=jaas,dc=xoint,dc=net optionalRole: cn=ICRCSSTReadOnly,ou=roles,o=jaas,dc=xoint,dc=net optionalRole: cn=ICRCSSTRestrictDNISGroup,ou=roles,o=jaas,dc=xoint,dc=net Log output: 10:48:52,821 WARN [org.apache.directory.api.ldap.model.entry.DefaultEntry] (NioProcessor-1) The attribute 'optionalrole' cannot be stored 10:48:52,824 ERROR [org.apache.directory.api.ldap.model.entry.DefaultEntry] (main) ERR_04269 ATTRIBUTE_TYPE for OID requiredrole does not exist! 10:48:52,825 ERROR [org.apache.directory.api.ldap.model.entry.DefaultEntry] (main) ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist! 10:48:52,822 WARN [org.apache.directory.ldap.client.api.LdapNetworkConnection] (NioProcessor-1) ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist!: org.apache.directory.api.ldap.model.exception.LdapNoSuchAttributeException: ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist! at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:293) [:] at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:1) [:] at org.apache.directory.api.ldap.schemamanager.impl.DefaultSchemaManager.lookupAttributeTypeRegistry(DefaultSchemaManager.java:1604) [:] at org.apache.directory.api.ldap.model.entry.DefaultEntry.<init>(DefaultEntry.java:311) [:] at org.apache.directory.ldap.client.api.LdapNetworkConnection.messageReceived(LdapNetworkConnection.java:2099) [:] at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) [mina-core-2.0.7.jar:] at org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:407) [mina-core-2.0.7.jar:] at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:236) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) [mina-core-2.0.7.jar:] at org.apache.mina.filter.ssl.SslHandler.flushScheduledEvents(SslHandler.java:322) [mina-core-2.0.7.jar:] at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:497) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) [mina-core-2.0.7.jar:] at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:410) [mina-core-2.0.7.jar:] at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:710) [mina-core-2.0.7.jar:] at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:664) [mina-core-2.0.7.jar:] at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:653) [mina-core-2.0.7.jar:] at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:67) [mina-core-2.0.7.jar:] at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1124) [mina-core-2.0.7.jar:] at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64) [mina-core-2.0.7.jar:] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) [rt.jar:1.7.0_09] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) [rt.jar:1.7.0_09] at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_09] Caused by: org.apache.directory.api.ldap.model.exception.LdapException: ERR_04269 ATTRIBUTE_TYPE for OID optionalrole does not exist! at org.apache.directory.api.ldap.model.schema.registries.DefaultSchemaObjectRegistry.lookup(DefaultSchemaObjectRegistry.java:176) [:] at org.apache.directory.api.ldap.model.schema.registries.DefaultAttributeTypeRegistry.lookup(DefaultAttributeTypeRegistry.java:289) [:] ... 30 more
        Hide
        Emmanuel Lecharny added a comment -

        Thanks for the report !

        I suspect that the LdapNetworkConnection.addSchema( File schemaFile ) is missing something here :

        for ( AttributeType atType : atList )

        { atRegistry.addMappingFor( atType ); }

        should be

        for ( AttributeType atType : atList )

        { atRegistry.addMappingFor( atType ); atRegistry.register( atType ); }

        To be double checked...

        Show
        Emmanuel Lecharny added a comment - Thanks for the report ! I suspect that the LdapNetworkConnection.addSchema( File schemaFile ) is missing something here : for ( AttributeType atType : atList ) { atRegistry.addMappingFor( atType ); } should be for ( AttributeType atType : atList ) { atRegistry.addMappingFor( atType ); atRegistry.register( atType ); } To be double checked...
        Hide
        Gerald Turner added a comment -

        I modified LdapNetworkConnection#addSchema with the call to atRegistry.register(atType) and progressed a little further.

        Now there are NullPointerExceptions being thrown by the constructor of DefaultAttribute: AttributeType.getSyntax() returns null.

        In a debugger I see the toString of the AttributeType looks like:

        ATTRIBUTE_TYPE ( 1.3.6.1.4.1.38541.2.1.101
        NAME 'optionalRole'
        DESC Optional Role for a company unit
        USAGE userApplications
        )

        (no SYNTAX?)

        I tried a few variations in my "custom.schema" file with no effect, still null syntax.

        attributetype ( 1.3.6.1.4.1.38541.2.1.101
        NAME 'optionalRole'
        DESC 'Optional Role for a company unit'
        SUP distinguishedName )

        ... and ...

        attributetype ( 1.3.6.1.4.1.38541.2.1.101
        NAME 'optionalRole'
        DESC 'Optional Role for a company unit'
        EQUALITY distinguishedNameMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )

        Show
        Gerald Turner added a comment - I modified LdapNetworkConnection#addSchema with the call to atRegistry.register(atType) and progressed a little further. Now there are NullPointerExceptions being thrown by the constructor of DefaultAttribute: AttributeType.getSyntax() returns null. In a debugger I see the toString of the AttributeType looks like: ATTRIBUTE_TYPE ( 1.3.6.1.4.1.38541.2.1.101 NAME 'optionalRole' DESC Optional Role for a company unit USAGE userApplications ) (no SYNTAX?) I tried a few variations in my "custom.schema" file with no effect, still null syntax. attributetype ( 1.3.6.1.4.1.38541.2.1.101 NAME 'optionalRole' DESC 'Optional Role for a company unit' SUP distinguishedName ) ... and ... attributetype ( 1.3.6.1.4.1.38541.2.1.101 NAME 'optionalRole' DESC 'Optional Role for a company unit' EQUALITY distinguishedNameMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
        Hide
        Gerald Turner added a comment -

        Solved the null syntax problem by calling Registries.buildReference inside LdapNetworkConnection.addSchema, problems solved!

        Show
        Gerald Turner added a comment - Solved the null syntax problem by calling Registries.buildReference inside LdapNetworkConnection.addSchema, problems solved!
        Gerald Turner made changes -
        Field Original Value New Value
        Attachment DIRAPI-156.patch [ 12599702 ]
        Kiran Ayyagari made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Assignee Kiran Ayyagari [ akiran ]
        Resolution Not A Problem [ 8 ]
        Hide
        Gerald Turner added a comment -

        "Not a problem" - so was this fixed by other means in the M21 release? or simply patch rejected?

        BTW, thank you for fixing DIRAPI-153, application no longer pauses 2 seconds everytime a new LDAP connection is built.

        Show
        Gerald Turner added a comment - "Not a problem" - so was this fixed by other means in the M21 release? or simply patch rejected? BTW, thank you for fixing DIRAPI-153 , application no longer pauses 2 seconds everytime a new LDAP connection is built.
        Hide
        Kiran Ayyagari added a comment -

        ... or simply patch rejected?

        ahh I thought you called the Registries.buildReferenc in your code so I overlooked the patch.

        Show
        Kiran Ayyagari added a comment - ... or simply patch rejected? ahh I thought you called the Registries.buildReferenc in your code so I overlooked the patch.
        Kiran Ayyagari made changes -
        Resolution Not A Problem [ 8 ]
        Status Resolved [ 5 ] Reopened [ 4 ]
        Kiran Ayyagari made changes -
        Fix Version/s 1.0.0-M22 [ 12326508 ]
        Hide
        Emmanuel Lecharny added a comment -

        Patch applied : http://svn.apache.org/r1579889

        Sorry for the delay, it seems that the issue went under the radar...

        Show
        Emmanuel Lecharny added a comment - Patch applied : http://svn.apache.org/r1579889 Sorry for the delay, it seems that the issue went under the radar...
        Emmanuel Lecharny made changes -
        Status Reopened [ 4 ] Resolved [ 5 ]
        Resolution Fixed [ 1 ]
        Hide
        Gerald Turner added a comment -

        Opps! Kiran was correct (although I didn't find out until late yesterday). This bug/patch fixes LdapNetworkConnection, but ultimately (due to DIRAPI-153 being fixed), I really want to import the OpenLDAP schema to the SchemaManager to be shared with future connections. So instead I lifted the loadSchema code out of LdapNetworkConnection and hard-coded it into my initialization routine.

        I suppose it would be more elegant to move this method to DefaultSchemaManager.

        Some background:

        Last summer I began working with M20 to work with our OpenLDAP server that has mostly generic stuff: "nis" and a few custom objectClasses and attributes that extend "inetorgperson". I tried three flavors of loading the schema (of which the first two failed, settled on the third):

        • Load the schema from the OpenLDAP server (DIRAPI-154).
        • Load the schema with combination of ApacheDS native schema via JarLdifSchemaLoader plus external OpenLDAP schema file (DIRAPI-156).
        • Hack a copy ApacheDS native schema with our custom objectClasses and attributes via LdifSchemaLoader.

        That last choice isn't very good because performance is bad (in lieu of DIRAPI-153) and it seems dirty having a copy of the ApacheDS schema.

        Yesterday I updated to M21 to see how the initialization code could be improved, ended up with the following:

            private SchemaManager configureSchemaManager() throws UserManagerException {
                String[] schemas = config.getStringArray("LDAP.Schemas");
                if (schemas == null || schemas.length == 0)
                    schemas = new String[] {
                            "system",
                            "core",
                            "cosine",
                            "inetorgperson",
                            "nis",
                            "apache", // Need "apache" for UUID
                        };
                if (log.isLoggable(Level.FINEST))
                    log.finest("configureSchemaManager: Loading the following internal ApacheDS schemas: " + StringUtils.join(schemas, ", "));
        
                JarLdifSchemaLoader loader;
                Collection<Schema> loaderSchemas;
                try {
                    loader = new JarLdifSchemaLoader();
                    loaderSchemas = loader.getAllSchemas();
                }
                catch (Exception e) {
                    throw new UserManagerException("Failed to initialize schema loader: " + e.getMessage(), e);
                }
        
                for (Schema schema : loaderSchemas) {
                    String name = schema.getSchemaName();
                    if (ArrayUtils.contains(schemas, name)) {
                        if (schema.isEnabled()) {
                            if (log.isLoggable(Level.FINEST))
                                log.finest("configureSchemaManager: Schema " + name + " is enabled by default");
                        }
                        else {
                            if (log.isLoggable(Level.FINEST))
                                log.finest("configureSchemaManager: Enabling Schema " + name);
                            schema.enable();
                        }
                    }
                    else {
                        if (schema.isEnabled()) {
                            if (log.isLoggable(Level.FINEST))
                                log.finest("configureSchemaManager: Disabling Schema " + name);
                            schema.disable();
                        }
                    }
                }
        
                SchemaManager schemaManager = new DefaultSchemaManager(loader);
                try {
                    schemaManager.loadAllEnabled();
                }
                catch (Exception e) {
                    throw new UserManagerException("Failed to load schemas: " + e.getMessage(), e);
                }
        
                File schemaDirectory;
                try {
                    String schemaDirectoryConfig =
                        config.getString("LDAP.SchemaDirectory", null);
                    if (schemaDirectoryConfig != null)
                        schemaDirectory = new File(schemaDirectoryConfig);
                    else
                        schemaDirectory = findSchemaDirectory();
                }
                catch (Exception e) {
                    throw new UserManagerException("Failed to determine OpenLDAP schema directory: " + e.getMessage(), e);
                }
        
                if (log.isLoggable(Level.FINEST))
                    log.finest("configureSchemaManager: Importing OpenLDAP schema files from directory " + schemaDirectory + " (*.schema)");
                Registries registries = schemaManager.getRegistries();
                List<Throwable> errors = new ArrayList<>();
                Collection<File> files =
                    FileUtils.listFiles(schemaDirectory,
                                        new String[] { "schema" },
                                        true);
                for (File file : files) {
                    if (log.isLoggable(Level.FINEST))
                        log.finest("configureSchemaManager: Importing OpenLDAP schema from file " + file);
                    OpenLdapSchemaParser parser;
                    try {
                        parser = new OpenLdapSchemaParser();
                        parser.setQuirksMode(true);
                        parser.parse(file);
                    }
                    catch (Exception e) {
                        throw new UserManagerException("Failed to parse OpenLDAP schema file " + file + ": " + e.getMessage(), e);
                    }
        
                    for (AttributeType attributeType : parser.getAttributeTypes()) {
                        registries.buildReference(errors, attributeType);
                        if (!errors.isEmpty())
                            throw new UserManagerException("Errors accumlated while importing attributeType " + attributeType + " from OpenLDAP schema " + file + ": " + errors, errors.get(0));
                        try {
                            registries.getAttributeTypeRegistry().register(attributeType);
                        }
                        catch (Exception e) {
                            throw new UserManagerException("Failed to register attributeType " + attributeType + " from OpenLDAP schema " + file + ": " + e.getMessage(), e);
                        }
                    }
        
                    for (ObjectClass objectClass : parser.getObjectClassTypes()) {
                        registries.buildReference(errors, objectClass);
                        if (!errors.isEmpty())
                            throw new UserManagerException("Errors accumlated while importing objectClass " + objectClass + " from OpenLDAP schema " + file + ": " + errors, errors.get(0));
                        try {
                            registries.getObjectClassRegistry().register(objectClass);
                        }
                        catch (Exception e) {
                            throw new UserManagerException("Failed to register objectClass " + objectClass + " from OpenLDAP schema " + file + ": " + e.getMessage(), e);
                        }
                    }
                }
        
                return schemaManager;
            }
        

        This is much cleaner, I can drop the copy of ApacheDS schema and only carry our internal/custom OpenLDAP schema (which is a direct copy from what the Sys Admins use rather than have to be reformated for JarLdifSchemaLoader metadata).

        Note that I discovered that I had to enable the "apache" schema - our OpenLDAP schema makes use of UUID attribute types. Without "apache" enabled the initialization fails with the following logging output:

          10:29:41,920 INFO  [org.apache.directory.api.ldap.model.schema.registries.helper.AttributeTypeHelper] (main) ERR_04306 Cannot find a Syntax object 1.3.6.1.1.16.1 while building cross-references for the uuid AttributeType.
          10:29:41,921 INFO  [org.apache.directory.api.ldap.model.schema.registries.helper.AttributeTypeHelper] (main) ERR_04308 Cannot find an Equality MatchingRule object for UUIDMatch while building cross-references for the uuid AttributeType.
        

        ... makes me wonder whether 1.3.6.1.1.16.* syntaxes should move to "system"?

        Show
        Gerald Turner added a comment - Opps! Kiran was correct (although I didn't find out until late yesterday). This bug/patch fixes LdapNetworkConnection, but ultimately (due to DIRAPI-153 being fixed), I really want to import the OpenLDAP schema to the SchemaManager to be shared with future connections. So instead I lifted the loadSchema code out of LdapNetworkConnection and hard-coded it into my initialization routine. I suppose it would be more elegant to move this method to DefaultSchemaManager. Some background: Last summer I began working with M20 to work with our OpenLDAP server that has mostly generic stuff: "nis" and a few custom objectClasses and attributes that extend "inetorgperson". I tried three flavors of loading the schema (of which the first two failed, settled on the third): Load the schema from the OpenLDAP server ( DIRAPI-154 ). Load the schema with combination of ApacheDS native schema via JarLdifSchemaLoader plus external OpenLDAP schema file ( DIRAPI-156 ). Hack a copy ApacheDS native schema with our custom objectClasses and attributes via LdifSchemaLoader. That last choice isn't very good because performance is bad (in lieu of DIRAPI-153 ) and it seems dirty having a copy of the ApacheDS schema. Yesterday I updated to M21 to see how the initialization code could be improved, ended up with the following: private SchemaManager configureSchemaManager() throws UserManagerException { String [] schemas = config.getStringArray( "LDAP.Schemas" ); if (schemas == null || schemas.length == 0) schemas = new String [] { "system" , "core" , "cosine" , "inetorgperson" , "nis" , "apache" , // Need "apache" for UUID }; if (log.isLoggable(Level.FINEST)) log.finest( "configureSchemaManager: Loading the following internal ApacheDS schemas: " + StringUtils.join(schemas, ", " )); JarLdifSchemaLoader loader; Collection<Schema> loaderSchemas; try { loader = new JarLdifSchemaLoader(); loaderSchemas = loader.getAllSchemas(); } catch (Exception e) { throw new UserManagerException( "Failed to initialize schema loader: " + e.getMessage(), e); } for (Schema schema : loaderSchemas) { String name = schema.getSchemaName(); if (ArrayUtils.contains(schemas, name)) { if (schema.isEnabled()) { if (log.isLoggable(Level.FINEST)) log.finest( "configureSchemaManager: Schema " + name + " is enabled by default " ); } else { if (log.isLoggable(Level.FINEST)) log.finest( "configureSchemaManager: Enabling Schema " + name); schema.enable(); } } else { if (schema.isEnabled()) { if (log.isLoggable(Level.FINEST)) log.finest( "configureSchemaManager: Disabling Schema " + name); schema.disable(); } } } SchemaManager schemaManager = new DefaultSchemaManager(loader); try { schemaManager.loadAllEnabled(); } catch (Exception e) { throw new UserManagerException( "Failed to load schemas: " + e.getMessage(), e); } File schemaDirectory; try { String schemaDirectoryConfig = config.getString( "LDAP.SchemaDirectory" , null ); if (schemaDirectoryConfig != null ) schemaDirectory = new File(schemaDirectoryConfig); else schemaDirectory = findSchemaDirectory(); } catch (Exception e) { throw new UserManagerException( "Failed to determine OpenLDAP schema directory: " + e.getMessage(), e); } if (log.isLoggable(Level.FINEST)) log.finest( "configureSchemaManager: Importing OpenLDAP schema files from directory " + schemaDirectory + " (*.schema)" ); Registries registries = schemaManager.getRegistries(); List<Throwable> errors = new ArrayList<>(); Collection<File> files = FileUtils.listFiles(schemaDirectory, new String [] { "schema" }, true ); for (File file : files) { if (log.isLoggable(Level.FINEST)) log.finest( "configureSchemaManager: Importing OpenLDAP schema from file " + file); OpenLdapSchemaParser parser; try { parser = new OpenLdapSchemaParser(); parser.setQuirksMode( true ); parser.parse(file); } catch (Exception e) { throw new UserManagerException( "Failed to parse OpenLDAP schema file " + file + ": " + e.getMessage(), e); } for (AttributeType attributeType : parser.getAttributeTypes()) { registries.buildReference(errors, attributeType); if (!errors.isEmpty()) throw new UserManagerException( "Errors accumlated while importing attributeType " + attributeType + " from OpenLDAP schema " + file + ": " + errors, errors.get(0)); try { registries.getAttributeTypeRegistry().register(attributeType); } catch (Exception e) { throw new UserManagerException( "Failed to register attributeType " + attributeType + " from OpenLDAP schema " + file + ": " + e.getMessage(), e); } } for (ObjectClass objectClass : parser.getObjectClassTypes()) { registries.buildReference(errors, objectClass); if (!errors.isEmpty()) throw new UserManagerException( "Errors accumlated while importing objectClass " + objectClass + " from OpenLDAP schema " + file + ": " + errors, errors.get(0)); try { registries.getObjectClassRegistry().register(objectClass); } catch (Exception e) { throw new UserManagerException( "Failed to register objectClass " + objectClass + " from OpenLDAP schema " + file + ": " + e.getMessage(), e); } } } return schemaManager; } This is much cleaner, I can drop the copy of ApacheDS schema and only carry our internal/custom OpenLDAP schema (which is a direct copy from what the Sys Admins use rather than have to be reformated for JarLdifSchemaLoader metadata). Note that I discovered that I had to enable the "apache" schema - our OpenLDAP schema makes use of UUID attribute types. Without "apache" enabled the initialization fails with the following logging output: 10:29:41,920 INFO [org.apache.directory.api.ldap.model.schema.registries.helper.AttributeTypeHelper] (main) ERR_04306 Cannot find a Syntax object 1.3.6.1.1.16.1 while building cross-references for the uuid AttributeType. 10:29:41,921 INFO [org.apache.directory.api.ldap.model.schema.registries.helper.AttributeTypeHelper] (main) ERR_04308 Cannot find an Equality MatchingRule object for UUIDMatch while building cross-references for the uuid AttributeType. ... makes me wonder whether 1.3.6.1.1.16.* syntaxes should move to "system"?
        Hide
        Emmanuel Lecharny added a comment -

        Closing the resolved issues.

        Show
        Emmanuel Lecharny added a comment - Closing the resolved issues.
        Emmanuel Lecharny made changes -
        Status Resolved [ 5 ] Closed [ 6 ]
        Assignee Kiran Ayyagari [ akiran ] Emmanuel Lecharny [ elecharny ]

          People

          • Assignee:
            Emmanuel Lecharny
            Reporter:
            Gerald Turner
          • Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development