mathias kluba created KYLIN-2305:
------------------------------------
Summary: Unable to use long searchBase/Pattern for LDAP
Key: KYLIN-2305
URL: https://issues.apache.org/jira/browse/KYLIN-2305
Project: Kylin
Issue Type: Bug
Affects Versions: v1.6.0
Reporter: mathias kluba
I try to use LDAP authentication.
I set the ldap.user.searchBase & ldap.user.searchPattern &
ldap.user.groupSearchBase
I followed the documentation
http://kylin.apache.org/docs/howto/howto_ldap_and_sso.html
It crashed because of:
{code}
Failed to parse DN; nested exception is
org.springframework.ldap.core.TokenMgrError: Lexical error at line 1, column
38. Encountered: "." (46), after : ""
{code}
I change the logger configuration to have debug to understand the query done
using Spring Security LdapTemplate.
It seems that it trim the value at column 38 and add "..."
I can't tell you my real AD path, but here is an example:
in kylin.properties:
{code}
ldap.user.searchBase=OU=Users,OU=Accounts,OU=FR,OU=ABCDE,OU=FGHIJ,DC=MYCOMPANY,DC=COM
{code}
Debug log:
{code}
2016-12-20 14:04:41,242 DEBUG [http-bio-7070-exec-1]
search.FilterBasedLdapUserSearch:107 : Searching for user 'mylogin', with user
search [ searchFilter: '(sAMAccountName={0})', searchBase:
'OU=Users,OU=Accounts,OU=FR,OU=ABCDE,O...', scope: subtree, searchTimeLimit: 0,
derefLinkFlag: false ]
{code}
I change the searchBase to be shorted (less than 38 char) and it seems that the
bug is the same with the searchPattern and the groupSearchBase.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
