LDAP Users Unable to Login Due to 'There was an error converting the SearchResult'

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

症状

When configuring an LDAP integration, LDAP users are unable to login. The following appears in the atlassian-confluence.log:

[11:52:59] ERROR There was an error converting the SearchResult: uid=husein: null:null:{uid=uid: husein, cn=cn: husein} into an entity or entities.
java.lang.NullPointerException
at javax.naming.directory.BasicAttributes.get(BasicAttributes.java:144)
at com.atlassian.user.impl.ldap.DefaultLDAPUserFactory.getUser(DefaultLDAPUserFactory.java:46)
at com.atlassian.user.impl.ldap.DefaultLDAPUserFactory.getEntity(DefaultLDAPUserFactory.java:106)
at com.atlassian.user.impl.ldap.DefaultLDAPUserFactory.getEntity(DefaultLDAPUserFactory.java:16)
at com.atlassian.user.impl.ldap.search.page.LDAPEntityPager.preloadSearchResult(LDAPEntityPager.java:34)
at com.atlassian.user.impl.ldap.search.page.AbstractLDAPPager.fetch(AbstractLDAPPager.java:122)
...

There is also a variant stack trace:

java.lang.NullPointerException
at javax.naming.InitialContext.getURLScheme(InitialContext.java:286)
at javax.naming.InitialContext.getURLOrDefaultInitCtx(InitialContext.java:335)
at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:104)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:265)
at com.atlassian.user.impl.ldap.search.DefaultLDAPUserAdaptor.search(DefaultLDAPUserAdaptor.java:78)
at com.atlassian.user.impl.ldap.search.DefaultLDAPUserAdaptor.search(DefaultLDAPUserAdaptor.java:54)
at com.atlassian.user.impl.ldap.LDAPUserManagerReadOnly.getUser(LDAPUserManagerReadOnly.java:70)
...



原因

The issue is caused due to missing attributes in {{atlassian-user.xml}}, which is required by atlassian-user library The missing attributes could be any one of the following:

  • <firstnameAttribute>...</firstnameAttribute> 
  • <surnameAttribute>...</surnameAttribute> 
  • <membershipAttribute>department</membershipAttribute>

ソリューション

Ensure that the required attributes exist in atlassian-user.xml. A bare minimum setting will look like:

<ldap key="ldapRepository" name="LDAP Repository@hecate.atlassian.com" cache="true">
    <host>hecate.atlassian.com</host>
    <port>389</port>
    <securityPrincipal>cn=admin,dc=atlassian,dc=private</securityPrincipal>
    <securityCredential>secret</securityCredential>
    <securityProtocol>plain</securityProtocol>
    <securityAuthentication>simple</securityAuthentication>
    <baseContext>dc=atlassian,dc=private</baseContext>
    <baseUserNamespace>dc=staff,dc=perftest,dc=atlassian,dc=private</baseUserNamespace>
    <baseGroupNamespace>dc=groups,dc=perftest,dc=atlassian,dc=private</baseGroupNamespace>
    <usernameAttribute>cn</usernameAttribute>
    <userSearchFilter>(objectClass=inetorgperson)</userSearchFilter>
    <firstnameAttribute>givenname</firstnameAttribute>
    <surnameAttribute>sn</surnameAttribute>
    <emailAttribute>mail</emailAttribute>
    <groupnameAttribute>cn</groupnameAttribute>
    <groupSearchFilter>(objectClass=groupOfNames)</groupSearchFilter>
    <membershipAttribute>member</membershipAttribute>
</ldap>

Last modified on Mar 30, 2016

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.