----- Original Message ----- > From: "plysan" <ply...@gmail.com> > To: "Alon Bar-Lev" <alo...@redhat.com> > Cc: "Users@ovirt.org List" <users@ovirt.org> > Sent: Sunday, October 19, 2014 9:06:37 PM > Subject: Re: [ovirt-users] Null object error with ovirt-engine-extension-ldap > > Hi, > > I did the following: > > 1. /etc/ovirt-engine/extensions.d/eayunosAuthn.properties > > ovirt.engine.extension.name = eayunosAuthn > ovirt.engine.extension.bindings.method = jbossmodule > ovirt.engine.extension.binding.jbossmodule.module = > org.ovirt.engine-extensions.aaa.ldap > ovirt.engine.extension.binding.jbossmodule.class = > org.ovirt.engineextensions.aaa.ldap.AuthnExtension > ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn > ovirt.engine.aaa.authn.profile.name = testad > ovirt.engine.aaa.authn.authz.plugin = eayunosAuthz > config.profile.file.1 = > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties
please use your own file, put it at /etc/ovirt-engine/aaa or something, please do not override package files. > > 2. /etc/ovirt-engine/extensions.d/eayunosAuthz.properties > > ovirt.engine.extension.name = eayunosAuthz > ovirt.engine.extension.bindings.method = jbossmodule > ovirt.engine.extension.binding.jbossmodule.module = > org.ovirt.engine-extensions.aaa.ldap > ovirt.engine.extension.binding.jbossmodule.class = > org.ovirt.engineextensions.aaa.ldap.AuthzExtension > ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz > config.profile.file.1 = > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties > > 3. /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties (I > just modified the fiirst three variables) please use your own file, put it at /etc/ovirt-engine/aaa or something, please do not override package files. > include = <ad.properties> > > vars.user = lijiansheng > vars.password = 1qaz@WSX > vars.domain = eayunos.com > vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain} I hope you have dc1.eayunos.com and dc2.eayunos.com. > pool.default.serverset.type = srvrecord > pool.default.serverset.srvrecord.domain = ${global:vars.domain} > pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = > ${global:vars.dns} > pool.default.socketfactory.resolver.uRL = ${global:vars.dns} > pool.default.ssl.startTLS = true I suggest you start without ssl, set the above to false. > pool.default.ssl.truststore.file = > ${local:_basedir}/${global:vars.domain}.jks > pool.default.ssl.truststore.password = changeit > pool.default.auth.simple.bindDN = ${global:vars.user} > pool.default.auth.simple.password = ${global:vars.password} > > > And this time there is another error in engine.log: > > 2014-10-20 01:59:32,291 INFO > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > thread 1-3) Loading extension 'eayunosAuthn' > 2014-10-20 01:59:32,839 ERROR > [org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC > service thread 1-3) Could not load extension based on configuration file > '/etc/ovirt-engine/extensions.d/eayunosAuthn.properties'. Please check the > configuration file is valid. Exception message is: Error loading extension > 'eayunosAuthn': Exception: class java.lang.StackOverflowError: null yes, as the ad.properties includes common.properties which you modified to include ad.properties, so you created infinite loop. > 2014-10-20 01:59:32,843 INFO > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > thread 1-3) Loading extension 'eayunosAuthz' > 2014-10-20 01:59:33,206 ERROR > [org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC > service thread 1-3) Could not load extension based on configuration file > '/etc/ovirt-engine/extensions.d/eayunosAuthz.properties'. Please check the > configuration file is valid. Exception message is: Error loading extension > 'eayunosAuthz': Exception: class java.lang.StackOverflowError: null > > > Thanks for your help :) > > plysan > > > 2014-10-20 1:09 GMT+08:00 Alon Bar-Lev <alo...@redhat.com>: > > > Hi, > > > > You need to refer to ad.properties from your profile, in this profile you > > need to specify credentials and settings to access the active directory. > > > > For example, how can the implementation guess where your active directory > > is? what is the user that is to be used to access it? > > > > Please follow extension configuration[1] and create two extensions per > > documentation. > > 1. authn - authentication > > 2. authz - authorization. > > > > Both extensions should refer to your profile[2] that specifies the > > required information. > > > > Regards, > > Alon > > > > [1] > > http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l17 > > [2] > > http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l97 > > > > ----- Original Message ----- > > > From: "plysan" <ply...@gmail.com> > > > To: "Users@ovirt.org List" <users@ovirt.org> > > > Sent: Sunday, October 19, 2014 7:58:48 PM > > > Subject: [ovirt-users] Null object error with ovirt-engine-extension-ldap > > > > > > Hello, > > > > > > After I adding a AD directory server to oVirt using manage-domains, I > > > installed the extension-ldap package. My setup is as follows: > > > > > > 1. /etc/ovirt-engine/extensions.d/eayunos.properties > > > > > > ovirt.engine.extension.name = eayunos > > > ovirt.engine.extension.bindings.method = jbossmodule > > > ovirt.engine.extension.binding.jbossmodule.module = > > > org.ovirt.engine-extensions.aaa.ldap > > > ovirt.engine.extension.binding.jbossmodule.class = > > > org.ovirt.engineextensions.aaa.ldap.AuthzExtension > > > ovirt.engine.extension.provides = > > org.ovirt.engine.api.extensions.aaa.Authz > > > config.profile.file.1 = > > > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/ad.properties > > > > > > 2. restart ovirt > > > > > > But after that there is a error in engine.log: > > > > > > 2014-10-20 00:52:11,199 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Loading extension 'builtin-authn-internal' > > > 2014-10-20 00:52:11,201 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'builtin-authn-internal' loaded > > > 2014-10-20 00:52:11,202 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Loading extension 'internal' > > > 2014-10-20 00:52:11,203 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'internal' loaded > > > 2014-10-20 00:52:11,218 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Loading extension ' builtin-authn-eayunos.com ' > > > 2014-10-20 00:52:11,232 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension ' builtin-authn-eayunos.com ' loaded > > > 2014-10-20 00:52:11,245 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Loading extension ' eayunos.com ' > > > 2014-10-20 00:52:11,247 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension ' eayunos.com ' loaded > > > 2014-10-20 00:52:11,252 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Loading extension 'ovirtSyslog' > > > 2014-10-20 00:52:11,253 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'ovirtSyslog' loaded > > > 2014-10-20 00:52:11,257 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Loading extension 'eayunos' > > > 2014-10-20 00:52:11,286 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'eayunos' loaded > > > 2014-10-20 00:52:11,287 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Initializing extension 'builtin-authn-internal' > > > 2014-10-20 00:52:11,288 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'builtin-authn-internal' initialized > > > 2014-10-20 00:52:11,289 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Initializing extension 'eayunos' > > > 2014-10-20 00:52:11,290 INFO > > [org.ovirt.engineextensions.aaa.ldap.Framework] > > > (MSC service thread 1-16) Creating LDAP pool 'authz' for 'eayunos' > > > 2014-10-20 00:52:11,305 ERROR > > > [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread > > > 1-16) Cannot initialize LDAP framework, deferring initialization. Error: > > A > > > null object was provided where a non-null object is required (non-null > > index > > > 0). Thread stack trace: getStackTrace(Thread.java:1589) / > > > ensureNotNull(Validator.java:60) / <init>(SingleServerSet.java:140) / > > > createConnectionPool(Framework.java:516) / > > createPool(Framework.java:632) / > > > runSequence(Framework.java:1312) / open(Framework.java:666) / > > > ensureFramework(AuthzExtension.java:104) / > > doInit(AuthzExtension.java:436) / > > > invoke(AuthzExtension.java:368) / invoke(ExtensionProxy.java:49) / > > > invoke(ExtensionProxy.java:73) / invoke(ExtensionProxy.java:109) / > > > initialize(ExtensionsManager.java:308) / > > > engineInitialize(EngineExtensionsManager.java:111) / > > > initialize(Backend.java:266) / create(Backend.java:138) / > > > invoke0(NativeMethodAccessorImpl.java) / > > > invoke(NativeMethodAccessorImpl.java:57) / > > > invoke(DelegatingMethodAccessorImpl.java:43) / invoke(Method.java:606) / > > > > > processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:130) > > > / proceed(InterceptorContext.java:288) / > > > processInvocation(WeavedInterceptor.java:53) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(WeldInjectionInterceptor.java:73) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(ManagedReferenceInterceptorFactory.java:95) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(ManagedReferenceInterceptorFactory.java:95) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(WeavedInterceptor.java:53) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(NamespaceContextInterceptor.java:50) / > > > proceed(InterceptorContext.java:288) / > > > invokeInOurTx(CMTTxInterceptor.java:228) / > > > requiresNew(CMTTxInterceptor.java:333) / > > > processInvocation(SingletonLifecycleCMTTxInterceptor.java:56) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(CurrentInvocationContextInterceptor.java:41) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(TCCLInterceptor.java:45) / > > > proceed(InterceptorContext.java:288) / > > > processInvocation(ChainedInterceptor.java:61) / > > > constructComponentInstance(BasicComponent.java:161) / > > > createInstance(BasicComponent.java:85) / > > > getComponentInstance(SingletonComponent.java:116) / > > > start(SingletonComponent.java:130) / > > start(ComponentStartService.java:44) / > > > startService(ServiceControllerImpl.java:1811) / > > > run(ServiceControllerImpl.java:1746) / > > > runWorker(ThreadPoolExecutor.java:1145) / > > run(ThreadPoolExecutor.java:615) / > > > run(Thread.java:745) > > > 2014-10-20 00:52:11,313 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'eayunos' initialized > > > 2014-10-20 00:52:11,314 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Initializing extension 'ovirtSyslog' > > > 2014-10-20 00:52:11,327 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'ovirtSyslog' initialized > > > 2014-10-20 00:52:11,327 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Initializing extension ' builtin-authn-eayunos.com ' > > > 2014-10-20 00:52:11,330 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension ' builtin-authn-eayunos.com ' initialized > > > 2014-10-20 00:52:11,331 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Initializing extension ' eayunos.com ' > > > 2014-10-20 00:52:11,332 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension ' eayunos.com ' initialized > > > 2014-10-20 00:52:11,333 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Initializing extension 'internal' > > > 2014-10-20 00:52:11,334 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Extension 'internal' initialized > > > 2014-10-20 00:52:11,334 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Start of enabled extensions list > > > 2014-10-20 00:52:11,335 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Instance name: 'builtin-authn-internal', Extension name: 'Internal > > > Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: ' > > > http://www.ovirt.org ', Author 'The oVirt Project', Build interface > > Version: > > > '0', File: 'N/A', Initialized: 'true' > > > 2014-10-20 00:52:11,337 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Instance name: 'eayunos', Extension name: 'aaa.ldap.authz', > > Version: > > > '0.0.0_master', Notes: 'Display name: > > > > > ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6', > > > License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt > > > Project', Build interface Version: '0', File: > > > '/etc/ovirt-engine/extensions.d/eayunos.properties', Initialized: 'true' > > > 2014-10-20 00:52:11,338 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Instance name: 'ovirtSyslog', Extension name: 'Log4jLogger', > > Version: > > > '0.0.0', Notes: 'Display name: > > > > > ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6', > > > License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt > > > Project', Build interface Version: '0', File: > > > '/etc/ovirt-engine/extensions.d/Log4jLogger.properties', Initialized: > > 'true' > > > 2014-10-20 00:52:11,340 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Instance name: ' builtin-authn-eayunos.com ', Extension name: > > > 'Kerberos/Ldap Authn (Built-in)', Version: 'N/A', Notes: '', License: > > 'ASL > > > 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt Project', Build > > > interface Version: '0', File: 'N/A', Initialized: 'true' > > > 2014-10-20 00:52:11,342 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Instance name: ' eayunos.com ', Extension name: 'Kerberos/Ldap > > Authz > > > (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: ' > > > http://www.ovirt.org ', Author 'The oVirt Project', Build interface > > Version: > > > '0', File: 'N/A', Initialized: 'true' > > > 2014-10-20 00:52:11,343 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) Instance name: 'internal', Extension name: 'Internal Authz > > > (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: ' > > > http://www.ovirt.org ', Author 'The oVirt Project', Build interface > > Version: > > > '0', File: 'N/A', Initialized: 'true' > > > 2014-10-20 00:52:11,345 INFO > > > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service > > thread > > > 1-16) End of enabled extensions list > > > > > > > > > My environment: > > > > > > # cat /etc/issue > > > CentOS release 6.5 (Final) > > > > > > # rpm -qa |grep aaa-ldap > > > > > ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch > > > > > > # rpm -qa |grep ovirt-engine > > > > > ovirt-engine-setup-plugin-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-extensions-api-impl-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > ovirt-engine-tools-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-userportal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-extension-aaa-misc-0.0.0-0.0.master.20140902120001.git1fa6912.el6.noarch > > > ovirt-engine-lib-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-setup-plugin-ovirt-engine-common-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > ovirt-engine-cli-3.5.0.6-0.1.20140926.gitbbb1e44.el6.noarch > > > > > ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6.noarch > > > ovirt-engine-setup-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-dbscripts-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-webadmin-portal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-restapi-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-setup-base-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > ovirt-engine-sdk-python-3.5.0.8-0.1.20140926.gitd3a5e4d.el6.noarch > > > > > ovirt-engine-setup-plugin-ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > > > ovirt-engine-backend-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch > > > ovirt-engine-sdk-java-3.5.0.6-0.1.20140910.git05ab94f.el6.noarch > > > > > ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch > > > ovirt-engine-jboss-as-7.1.1-1.el6.x86_64 > > > > > > > > > Can anyone give me some help? > > > > > > Thanks! > > > > > > > > > _______________________________________________ > > > Users mailing list > > > Users@ovirt.org > > > http://lists.ovirt.org/mailman/listinfo/users > > > > > > _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users