Grouper Users - Open Discussion List

[Tom Zeller <>]

The bug, calling a method of an undefined or null variable, is in my
attribute resolver script definition. Could you create an issue in
jira, please ?

 https://bugs.internet2.edu/jira/browse/GRP

If you ran ldappcng as

    $GROUPER_HOME/bin/gsh.sh -ldappcng -sync UdeM:SubStem -entityName stem

instead of

   $GROUPER_HOME/bin/gsh.sh -ldappcng -sync UdeM:SubStem

then the bug should not appear because the sAMAccountName attribute
would not be resolved by the shibboleth attribute resolver, since only
stem attributes will be resolved.

When provisioning an unknown object (an unknown spmlv2 schema entity;
"-entityName stem" is not present in the gsh parameters) ldappcng
resolves all attributes, because in my experience, performance
bottlenecks are typically in the I/O to data sources (grouper) or
provisioning targets (active directory).

Some relevant code from Psp.java (2.1.0) is in the
execute(CalcRequest, CalcResponse) method :

 // attribute request context
 BaseSAMLProfileRequestContext attributeRequestContext = new
BaseSAMLProfileRequestContext();
 attributeRequestContext.setPrincipalName(calcRequest.getId());

 // get targets specified in request before building the context
 Map<String, List<Pso>> map = getTargetAndObjectDefinitions(calcRequest);

 // determine attribute resolver requested attributes
 LinkedHashSet<String> attributeIds = new LinkedHashSet<String>();
 for (String targetId : map.keySet()) {
     for (Pso psoDefinition : map.get(targetId)) {
         
attributeIds.addAll(psoDefinition.getSourceIds(calcRequest.getReturnData()));
     }
 }
 attributeRequestContext.setRequestedAttributes(attributeIds);

 // resolve attributes
 LOG.debug("PSP '{}' - Calc {} Resolving attributes '{}'.",
     new Object[] {getId(), calcRequest, attributeIds});
 Map<String, BaseAttribute<?>> attributes =
getAttributeAuthority().getAttributes(attributeRequestContext);

For anyone interested.

TomZ