Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
v1.6.0
-
None
-
None
Description
I try to use LDAP authentication.
I set the ldap.user.searchBase & ldap.user.searchPattern & ldap.user.groupSearchBase
I followed the documentation http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
It crashed because of:
Failed to parse DN; nested exception is org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column 38. Encountered: "." (46), after : ""
I change the logger configuration to have debug to understand the query done using Spring Security LdapTemplate.
It seems that it trim the value at column 38 and add "..."
I can't tell you my real AD path, but here is an example:
in kylin.properties:
ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
Debug log:
2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1] search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: 'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
I change the searchBase to be shorted (less than 38 char) and it seems that the bug is the same with the searchPattern and the groupSearchBase.
I don't know where Kylin is reading these properties, but it seems that it doesn't use the right function (maybe toString() that trim the value?)
Attachments
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-