Grouper Users - Open Discussion List

["Singley, Norman" <>]

Chris -

 

Great catch on the umid / uid.  It’s actually the opposite  - I search for uid (what we call netid, in this case ns180505e ).  I fixed that, and now, I am not getting the entity not found error, so THANKS!!. I can successfully add members to the wheel group, but still can’t create any new folders.   When I go to add a folder and search for Root, It says “the value entered is not valid”

 

We seem to be getting a proper connection to the oldap then, but the privs are not getting assigned to the identities? 

 

 

Yes, I did send /grouper/grouper.ws-2.3.0/grouper-ws/build/dist/grouper-ws/WEB-INF/classes/sources.xml -   All three of the sources.xml are the same. 

 

I’m kind of a novice with the shell. I started it from /grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/bin/gsh but when I run–registry –drop –runscript it says: Error: unable to evaluate command: Sourced file: inline evaluation of: `` -registry -drop -runscript;'' : illegal use of undefined object or 'void' literal

 

 

 

I do get a cleaner startup now, after clearing out the old logs. 

 

I can successfully query the oldap using gsh:

 

gsh 5% grouperSession = GrouperSession.startRootSession();

edu.internet2.middleware.grouper.GrouperSession: 548aa1e45f3f4dafba0eaf833d3055f4,'GrouperSystem','application'

gsh 6% SubjectFinder.findByIdentifierAndSource("ns180505e", "oid", false);

subject: id='ns180505e' type='person' source='oid' name='Norman Singley'

 

 

 

 

From: Hyzer, Chris [mailto:]
Sent: Friday, December 02, 2016 12:23 PM
To: Singley, Norman; Mailing List
Subject: RE: Oldap source

 

Your subject id is umid and your subject identifier is uid right?

 

Your search says that but you have this:

 

FROM:

     <init-param>

      <param-name>SubjectID_AttributeType</param-name>

      <param-value>uid</param-value>

    </init-param>

 

Which I think you should change to this:

 

     <init-param>

      <param-name>SubjectID_AttributeType</param-name>

      <param-value>umid</param-value>

    </init-param>

 

The UI is showing subject id of ns180505e which would not be resolved.

 

Any chance you can change that, reinit your database to wipe out the old way you configured it and try again?

 

gsh -registry -drop -runscript

 

Do you still need the sample data and subjects?   I would start fresh without that stuff.

 

Some troubleshooting… after the above…

 

What path of sources.xml did you send me?  Its /grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/sources.xml   right?

 

If you stop tomcat, delete logs, and start, do you not see that stack in the logs anymore?

 

Add this to the log4j.properties

 

log4j.logger.edu.internet2.middleware.subject = DEBUG

 

Start gsh from /grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/bin/gsh

 

Try to resolve subjects.  E.g.

 

https://spaces.internet2.edu/pages/viewpage.action?pageId=14517859

 

grouperSession = GrouperSession.startRootSession();

SubjectFinder.findByIdAndSource("790505106", "oid", false);

 

Or

 

grouperSession = GrouperSession.startRootSession();

SubjectFinder.findByIdentifierAndSource("ns180505e", "oid", false);

 

 

 

From: Singley, Norman []
Sent: Friday, December 02, 2016 1:59 PM
To: Hyzer, Chris <>;
Subject: RE: Oldap source

 

Thanks Chris. 

 

Here is the LDIF record for one of the identities.

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Hyzer, Chris []
Sent: Friday, December 02, 2016 11:54 AM
To: Singley, Norman;
Subject: RE: Oldap source

 

Send us what one of those subjects (which should be resolvable but which isn’t) looks like in ldap, all the attributes/values, note feel free to sanitize…

 

From: [] On Behalf Of Singley, Norman
Sent: Friday, December 02, 2016 1:37 PM
To:
Subject: [grouper-users] Oldap source

 

Hi Folks.

 

I had to take a break from working on this, but I have time to get after it again.  I am having trouble, I think with getting all of the identity details from our openldap. I have grouper configured to authenticate through our CAS/Shib, and as far as I can tell, that’s working. 

 

When  I get to the UI, however, none of the members of my wheel group can create new folders.   I can add new members to the wheel group using the UI.

 

Next to the netid, there is an Entity not found error:

 

 

 

 

If I click on an identity, I get an “Error: cannot find subject” in a pink bar at the top of the page.

 

Playing around a bit, I tried going into the lite UI, and when I bring up the member details page I get this:

 

 

 

All three sources.xml files are the same, and attached. 

So, I’m not really sure where to go next.  Thanks for any help. 

 

 

Norman Singley

Directory Services

406 243 6799

 

 

Dec 02, 2016 12:50:21 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal 
performance in production environments was not found on the 
java.library.path: 
/usr/java/packages/lib/amd64:/usr/lib64:/lib64:/lib:/usr/lib
Dec 02, 2016 12:50:21 PM org.apache.tomcat.util.digester.SetPropertiesRule 
begin
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting 
property 'mapperContextRootRedirectEnabled' to 'true' did not find a matching 
property.
Dec 02, 2016 12:50:21 PM org.apache.tomcat.util.digester.SetPropertiesRule 
begin
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting 
property 'mapperDirectoryRedirectEnabled' to 'true' did not find a matching 
property.
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further 
details.
Dec 02, 2016 12:50:21 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Dec 02, 2016 12:50:21 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1122 ms
Dec 02, 2016 12:50:21 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Dec 02, 2016 12:50:21 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.35
Grouper starting up: version: 2.3.0, build date: 2016/04/16 05:37:21, env: 
<no label configured>
grouper.properties read from: 
/grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/grouper.properties
Grouper current directory is: /
log4j.properties read from:   
/grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/log4j.properties
Grouper is logging to file:   
/grouper/apache-tomcat-6.0.35/logs/grouperUi/grouper_error.log, at min level 
WARN for package: edu.internet2.middleware.grouper, based on log4j.properties
grouper.hibernate.properties: 
/grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/grouper.hibernate.properties
grouper.hibernate.properties: 
grouper@jdbc:oracle:thin:@griz06.umt.edu:7456:grouper
sources.xml read from:        
/grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/sources.xml
sources.xml groupersource id: g:gsa
sources.xml ldap source id:   oid: 
uid=grouperquery,ou=people,dc=umt,dc=edu@ldap://cidp.umt.edu:389
sources.xml groupersource id: grouperEntities
sources.xml jdbc source id:   jdbc: GrouperJdbcConnectionProvider