Grouper Users - Open Discussion List

[Bryan Wooten <>]

Paul,

 

I think you are correct but I still need to test.

 

See this snippet:

 

<!--

    <!- - This is an alternate jdbc source which allows for more complex searches, assumes

      all data is in one table or view, and that all attributes are single valued.  There are

      not queries to configure in sources.xml - - >

 

Apparently  since XML doesn’t support nested comments it was decided to put a space between all the dashes in order create nested comments.

 

I had a syntax error early on and removed all the spaces….. since it seemed wrong.

 

Thanks for the hint!

 

Bryan Wooten

Tel: (801)585-9323

Email:

 

 

 

From: Paul Engle [mailto:]
Sent: Monday, April 23, 2018 12:17 PM
To: Bryan Wooten <>
Cc:
Subject: [Ext] Re: [grouper-users] Trouble adding to sources.xml

 

******************************************************
WARNING: Stop. Think. Read. This is an external email.
******************************************************

The source "sourceId" is the commented-out example of a JDBC source connector in the default sources.xml file. Maybe you uncommented it by mistake?

 

  -paul

-- 

Paul Engle

Office of Information Technology

713-348-4702

 

On Mon, Apr 23, 2018 at 1:08 PM, Bryan Wooten <> wrote:

All,

 

I have installed Grouper using the installer with all the Demo data/groups. It works fine. We have been simply logging in as GrouperSystem. SSO is not implemented.

 

I am trying to add an LDAP source in sources.xml so I can demo creating groups with our users.

 

But when I make the change (in both the API conf dir and the UI classes dir) I get this error when I login as GrouperSystem (this account does exist in our LDAP):

 

Error:

• problem in sources.xml source: sourceId, sql: select some_id,name,description,description_lower,pennname,penn_id from person_source_v where some_id in (?), Cant find subject from login id: GrouperSystem
• If you continue to encounter errors, please contact technical support

I bumped up log levels on UI side but I don’t see anything that helps. Both the API and UI load without errors.

Here is my sanitized source xml for LDAP if this helps.

Thanks for any pointers.

-Bryan

<!-- UofU config for Test LDAP -->

    546

    547   <source adapterClass="edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter">

    548     <id>UofU</id>

    549     <name>UofU Person</name>

    550     <type>person</type>

    551     <init-param>

    552       <param-name>INITIAL_CONTEXT_FACTORY</param-name>

    553       <param-value>com.sun.jndi.ldap.LdapCtxFactory</param-value>

    554     </init-param>

    555     <init-param>

    556       <param-name>PROVIDER_URL</param-name>

    557       <param-value>ldap://ldaptest</param-value>

    558     </init-param>

    559     <init-param>

    560       <param-name>SECURITY_AUTHENTICATION</param-name>

    561       <param-value>simple</param-value>

    562     </init-param>

    563     <init-param>

    564       <param-name>SECURITY_PRINCIPAL</param-name>

    565       <param-value>cn= </param-value>

    566     </init-param>

    567     <init-param>

    568       <param-name>SECURITY_CREDENTIALS</param-name>

    569       <param-value> </param-value>

    570     </init-param>

    571      <init-param>

    572       <param-name>SubjectID_AttributeType</param-name>

    573       <param-value>unid</param-value>

    574     </init-param>

    575      <init-param>

    576       <param-name>SubjectID_formatToLowerCase</param-name>

    577       <param-value>false</param-value>

    578     </init-param>

    579     <init-param>

    580       <param-name>Name_AttributeType</param-name>

    581       <param-value>cn</param-value>

    582     </init-param>

    583     <init-param>

    584       <param-name>Description_AttributeType</param-name>

    585       <param-value>description</param-value>

    586     </init-param>

    587 <!-- UofU ClasNotFound on load?

    588     <init-param>

    589       <param-name>VTLDAP_VALIDATOR</param-name>

    590       <param-value>ConnectLdapValidator|CompareLdapValidator</param-value>

    591     </init-param>

    592     <init-param>

    593       <param-name>VTLDAP_VALIDATOR_COMPARE_DN</param-name>

    594       <param-value>ou=people,o=utah.edu</param-value>

    595     </init-param>

    596     <init-param>

    597       <param-name>VTLDAP_VALIDATOR_COMPARE_SEARCH_FILTER_STRING</param-name>

    598       <param-value>ou=people,o=utah.edu</param-value>

    599     </init-param>

    600     End UofU comment out -->

    601     /// Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE

    602     /// For filter use

    603

    604     <search>

    605         <searchType>searchSubject</searchType>

    606         <param>

607             <param-name>filter</param-name>

    608             <param-value>

    609                 (&amp; (unid=%TERM%) (objectclass=person))

    610             </param-value>

    611         </param>

    612         <param>

    613             <param-name>scope</param-name>

    614             <param-value>

    615                 SUBTREE_SCOPE

    616             </param-value>

    617         </param>

    618         <param>

    619             <param-name>base</param-name>

    620             <param-value>

    621                 ou=people,o=utah.edu

    622             </param-value>

    623         </param>

    624

    625     </search>

    626     <search>

    627         <searchType>searchSubjectByIdentifier</searchType>

    628         <param>

    629             <param-name>filter</param-name>

    630             <param-value>

    631                 (&amp; (unid=%TERM%) (objectclass=person))

    632             </param-value>

    633         </param>

    634         <param>

    635             <param-name>scope</param-name>

    636             <param-value>

    637                 SUBTREE_SCOPE

    638             </param-value>

    639         </param>

    640         <param>

    641             <param-name>base</param-name>

    642             <param-value>

    643                 ou=people,o=utah.edu

    644             </param-value>

    645         </param>

    646     </search>

    647

    648     <search>

    649        <searchType>search</searchType>

    650          <param>

    651             <param-name>filter</param-name>

    652             <param-value>

    653                 (&amp; (|(|(unid=%TERM%)(cn=*%TERM%*))(sn=%TERM%))(objectclass=person))

    654             </param-value>

    655         </param>

    656         <param>

    657             <param-name>scope</param-name>

658             <param-value>

    659                 SUBTREE_SCOPE

    660             </param-value>

    661         </param>

    662          <param>

    663             <param-name>base</param-name>

    664             <param-value>

    665                 ou=people,o=utah.edu

    666             </param-value>

    667         </param>

    668     </search>

    669     <init-param>

    670       <param-name>subjectVirtualAttribute_0_searchAttribute0</param-name>

    671       <param-value>${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('unid'), "")},${subjectUtils.defaultIfBlank(subj        ect.getAttributeValueOrCommaSeparated('cn'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('unid'), "")}</pa        ram-value>

    672     </init-param>

    673     <init-param>

    674       <param-name>sortAttribute0</param-name>

    675       <param-value>cn</param-value>

    676     </init-param>

    677     <init-param>

    678       <param-name>searchAttribute0</param-name>

    679       <param-value>searchAttribute0</param-value>

    680     </init-param>

 

Bryan Wooten

Tel: (801)585-9323

Email: