
  • Unable to add user as UniqueMember

    Hi,

    I'm new to working with LDAP in Java and found myself trying to create a web service that allows newly created users to be added to a group. In order to do this I have coded the following method:

    Code:
    public Boolean createUser(String username, String groupname, UserProfile profile) throws DaoException {
    		Boolean flag = Boolean.FALSE;
    		try {
    			if( !lookup(username, groupname) ){
    				DirContextAdapter context = new DirContextAdapter(buildDn(username,groupname));
    				context.setAttributeValues(LdapConfiguration.COMMONSERVICES_LDAPATTR_OBJECTCLASS, 
    						LdapConfiguration.COMMONSERVICES_LDAP_OBJECTCLASS );
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_FULLNAME, 
    						profile.getFirstname() + " " + profile.getLastname() ); //full name 
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_LASTSTNAME, 
    						profile.getLastname() ); //last name
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_FIRSTNAME, 
    						profile.getFirstname() ); //first name
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_UID, 
    						username );
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_OU, 
    						groupname );
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_EMAIL, 
    						profile.getEmail() ); //email
    				context.setAttributeValue(LdapConfiguration.COMMONSERVICES_LDAPATTR_USERACCOUNTID, 
    						String.valueOf(profile.getUserId()) );
    				ldapTemplate.bind(context);
    				flag = Boolean.TRUE;
    				if(flag && !profile.getGroups().isEmpty()){
    					String group = profile.getGroups().get(0);
    					ModificationItem[] mods = new ModificationItem[1];
    					String userDn="uid="+username+",ou="+groupname+",dc=abc,dc=net";
    					mods[0] = new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute("uniqueMember",buildDn(username,groupname)));
    					String groupDn="cn="+group+",ou=Application_Auth,dc=abc,dc=net";
    					ldapTemplate.modifyAttributes(groupDn,mods);
    				}
    			} else {
    				throw new DaoException(ResponseCode.ERR_INVALID_USR_ALREADY_EXIST, "LDAP user already exists");
    			}
    		} catch (DaoException e) {
    			log.error("UserLdapDao: createUser", e);
    			throw e;
    		}
    		return flag;
    	}
    This is the LdapConfiguration class, for informational uses:
    Code:
    public class LdapConfiguration {
    	
    	public static final String COMMONSERVICES_LDAP_ROOT = "people";
    	public static final String COMMONSERVICES_LDAPATTR_PASSWORD = "userPassword";
    	public static final String COMMONSERVICES_LDAPATTR_RESPONSESET = "userResponseSet";
    	public static final String COMMONSERVICES_LDAPATTR_LASTPWDUPDATE = "userLastPwdUpdate";
    	public static final String COMMONSERVICES_LDAPATTR_MINCHALLENGESETUP = "minChallengeSetup";
    	public static final String[] COMMONSERVICES_LDAP_OBJECTCLASS = {"top", "person", "organizationalPerson", "inetorgperson", "abnetperson"};
    	public static final String COMMONSERVICES_LDAPATTR_OU = "ou";
    	public static final String COMMONSERVICES_LDAPATTR_OBJECTCLASS = "objectclass";
    	public static final String COMMONSERVICES_LDAPATTR_FULLNAME = "cn";
    ...
    And I have attached the LDAP schema; somehow it shrinks it...

    The problem with all this is that every time I run it I keep getting the following exception trace:

    Code:
    15:47:57,017 ERROR [com.abc.commonservices.ws.endpoint.CommonServicesEndpoint] (http--127.0.0.1-8080-3) Error on createUser: org.springframework.ldap.InvalidAttributeValueException: Malformed 'uniqueMember' attribute value; nested exception is javax.naming.directory.InvalidAttributeValueException: Malformed 'uniqueMember' attribute value; remaining name 'cn=App_Admin'
    	at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:124) [spring-ldap-core-1.3.1.RELEASE.jar:1.3.1.RELEASE]
    	at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:810) [spring-ldap-core-1.3.1.RELEASE.jar:1.3.1.RELEASE]
    	at org.springframework.ldap.core.LdapTemplate.executeReadWrite(LdapTemplate.java:802) [spring-ldap-core-1.3.1.RELEASE.jar:1.3.1.RELEASE]
    	at org.springframework.ldap.core.LdapTemplate.modifyAttributes(LdapTemplate.java:982) [spring-ldap-core-1.3.1.RELEASE.jar:1.3.1.RELEASE]
    	at com.abc.commonservices.dao.UserLdapDao.createUser(UserLdapDao.java:240) [classes:]
    	at com.abc.commonservices.dao.UserLdapDao.createUser(UserLdapDao.java:206) [classes:]
    	at com.abc.commonservices.ws.service.BaseCommonServicesService.createUser(BaseCommonServicesService.java:377) [classes:]
    	at com.abc.commonservices.ws.endpoint.CommonServicesEndpoint.createUser(CommonServicesEndpoint.java:385) [classes:]
    	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_04]
    	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_04]
    	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_04]
    	at java.lang.reflect.Method.invoke(Method.java:601) [rt.jar:1.7.0_04]
    	at org.springframework.ws.server.endpoint.MethodEndpoint.invoke(MethodEndpoint.java:134) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.server.endpoint.adapter.DefaultMethodEndpointAdapter.invokeInternal(DefaultMethodEndpointAdapter.java:240) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.server.endpoint.adapter.AbstractMethodEndpointAdapter.invoke(AbstractMethodEndpointAdapter.java:53) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.server.MessageDispatcher.dispatch(MessageDispatcher.java:233) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.server.MessageDispatcher.receive(MessageDispatcher.java:173) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.transport.support.WebServiceMessageReceiverObjectSupport.handleConnection(WebServiceMessageReceiverObjectSupport.java:88) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.transport.http.WebServiceMessageReceiverHandlerAdapter.handle(WebServiceMessageReceiverHandlerAdapter.java:59) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.ws.transport.http.MessageDispatcherServlet.doService(MessageDispatcherServlet.java:239) [spring-ws-core-2.1.2.RELEASE.jar:]
    	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:936) [spring-webmvc-3.2.2.RELEASE.jar:3.2.2.RELEASE]
    	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:838) [spring-webmvc-3.2.2.RELEASE.jar:3.2.2.RELEASE]
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
    	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:812) [spring-webmvc-3.2.2.RELEASE.jar:3.2.2.RELEASE]
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final]
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]
    	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
    	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
    	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
    	at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_04]
    Caused by: javax.naming.directory.InvalidAttributeValueException: Malformed 'uniqueMember' attribute value; remaining name 'cn=App_Admin'
    	at com.sun.jndi.ldap.LdapClient.encodeAttribute(LdapClient.java:971) [rt.jar:1.7.0_04]
    	at com.sun.jndi.ldap.LdapClient.modify(LdapClient.java:940) [rt.jar:1.7.0_04]
    	at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1474) [rt.jar:1.7.0_04]
    	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:273) [rt.jar:1.7.0_04]
    	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:190) [rt.jar:1.7.0_04]
    	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:179) [rt.jar:1.7.0_04]
    	at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:167) [rt.jar:1.7.0_04]
    	at org.springframework.ldap.core.LdapTemplate$20.executeWithContext(LdapTemplate.java:984) [spring-ldap-core-1.3.1.RELEASE.jar:1.3.1.RELEASE]
    	at org.springframework.ldap.core.LdapTemplate.executeWithContext(LdapTemplate.java:807) [spring-ldap-core-1.3.1.RELEASE.jar:1.3.1.RELEASE]
    	... 36 more
    I'm going to continue playing around with the code, but any support is appreciated.


  • #2
    For any of you coming in to find an answer, I leave this little method that I used to add a user to a group on your LDAP:

    Code:
    	private void addUserToGroup(UserProfile profile, String username)
    			throws DaoException {
    		try {
    			String group = profile.getGroups().get(0);
    			// Look up the group entry cn=<group>,ou=Application_Auth
    			DistinguishedName groupdn = new DistinguishedName();
    			groupdn.add("ou",
    					"Application_Auth");
    			groupdn.add("cn", group);
    			DirContextOperations groupContext = ldapTemplate
    					.lookupContext(groupdn);
    			// The uniqueMember value is the user's full DN, passed as a String
    			groupContext.addAttributeValue("uniqueMember", "uid="
    					+ username + ",ou=People,dc=abc,dc=net");
    			ldapTemplate.modifyAttributes(groupContext);
    		} catch (Exception e) {
    			// Any failure in the block above is reported as a missing group
    			throw new DaoException(ResponseCode.ERR_INVALID_USR,
    					"LDAP group does not exist.");
    		}
    	}
    If you are unable to see the memberOf attribute despite the fact that your UniqueMember attribute has been added to your group, make sure your users have the ObjectClass inetuser.

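An added example, not code from either poster: the stack trace in the first post ends in `LdapClient.encodeAttribute`, which accepts only `String` or `byte[]` attribute values, so a `uniqueMember` value handed over as a `Name` object is rejected as malformed (this assumes `buildDn` returns a `Name`, which the thread does not show). The sketch below uses only JDK classes to build the member DN with the username escaped instead of concatenated, and passes it as a `String`; the class name, method names and sample usernames are constructed for illustration, and the `ou=People,dc=abc,dc=net` suffix is taken from post #2.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class UniqueMemberExample {

    // Builds uid=<username>,ou=People,dc=abc,dc=net from typed RDNs.
    static LdapName memberDn(String username) throws InvalidNameException {
        List<Rdn> rdns = new ArrayList<Rdn>(); // index 0 is the right-most RDN
        rdns.add(new Rdn("dc", "net"));
        rdns.add(new Rdn("dc", "abc"));
        rdns.add(new Rdn("ou", "People"));
        rdns.add(new Rdn("uid", username));    // escaped when the name is rendered
        return new LdapName(rdns);
    }

    // The modification for the group entry; the attribute value is a String.
    static ModificationItem addMember(String username) throws InvalidNameException {
        String value = memberDn(username).toString();
        return new ModificationItem(DirContext.ADD_ATTRIBUTE,
                new BasicAttribute("uniqueMember", value));
    }

    public static void main(String[] args) throws Exception {
        // Constructed usernames; two contain DN metacharacters (',', '=', '+').
        String[] samples = {"jdoe", "jdoe,ou=Admins", "o'brien+cn=x"};
        for (String username : samples) {
            Object value = addMember(username).getAttribute().get();
            LdapName parsed = new LdapName((String) value);
            // The value must stay one uid RDN under ou=People whatever the input.
            if (parsed.size() != 4
                    || !username.equals(parsed.getRdn(3).getValue())) {
                throw new IllegalStateException("DN structure changed: " + value);
            }
            System.out.println(value.getClass().getSimpleName() + "  " + value);
        }
    }
}
```

The resulting `ModificationItem` can be passed to `ldapTemplate.modifyAttributes(groupDn, mods)` exactly as in the first post.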