Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] PROBLEM_GETTING_MEMBERS grouper ws 2.4

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] PROBLEM_GETTING_MEMBERS grouper ws 2.4


Chronological Thread 
    < Chronological >      < Thread >
  • From: Siju Jacob <>
  • To: "Hyzer, Chris" <>, "Black, Carey M." <>, " Mailing List" <>
  • Subject: RE: [grouper-users] PROBLEM_GETTING_MEMBERS grouper ws 2.4
  • Date: Fri, 9 Aug 2019 14:31:38 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=oit.rutgers.edu; dmarc=pass action=none header.from=oit.rutgers.edu; dkim=pass header.d=oit.rutgers.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iiOSBgExoj6vJwpxj4sLIDKAPYd+NKgCkQuQX4+EVk4=; b=mH3xySoF/Q2KYI78Ws3/AxWj65NE/ETi6miSWJocavBISwBeOjDpJhx+f7Iu1DXwY6tNJO7lNIsPH+IhiHh7QBFyaakMVIXtDbbdA+3fjMPUleJwG8nMkSGUiYjDrU9dHUTeEdPTZ0rMZM174gGfAmGiE2jSYgoo2p+o0MUMylv4XjV4bZaUGbNTi9JQoPPoY72ivf6MrRAKYTHnxOfnfd0jOqfm4vWY+85hVEF8ibed0VlC8VT8UEQzSnsxaNwC+0b+J2fC1zib3fwaLNtgl1RGCjpiAoa5QT/ABg11LhM0HEnzwRJsUPhQuunWEXhziGpo9prwTL+2jPiX2P+WzA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MRg1IOhg1gMTD1VDcVwnEOsc6aIdbxx99Ly4qODr84e1iffEvjLKUlWWioJ/Fwy/cccPI9SDlfcpZPnAopUlAEDd84LyTCeg00CdfovJ6KpiTyc+m2aUNmaGvhNF30GVTyYHnrn458VTa4MdexMJOjrfmIGD9G4DvqMli23EmyJVWp+B0cur4F+hCaKYgHoXvlCQUDGHol6vYM7g0/USFy0t/HU5hM8lH472P0zg/0Qi4e9OOVvI7ikHp0qztbkjwBzGoLTkFbSrCJs5stAan2/I/ozXWcdVkxgUQOZEw7OqiumuTrKbUYAkw044pY+ksQAtS2EVU7hm70Lr0GF2tw==

Hi Chris,

   Thanks Chris and Carey for the response.

Below is the response using rest client in browser.

Grouper 2.4 is deployed in my local machine and grouper 2.3 is deployed in our dev server. Both my local server and dev server is connecting to same oracle schema and ldap server. It’s the exact same request body. Dev server with grouper 2.3 returns proper response and the call to grouper 2.4 in my local server fails. I had the similar response earlier in 2.3 due to authorization issues.

     Service dn’s for authenticating the webservice calls is stored in our ldap.

In subject.properties, if I use subjectApi.source.ldap_servicedn.adapterClass = edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter, I get authenticating exception on server startup.
Its works fine with subjectApi.source.ldap_servicedn.adapterClass = edu.internet2.middleware.subject.provider.LdapSourceAdapterLegacy
 
Below is our entries from grouper-loader.properties
 

ldap.nonPersonLdap.url="ldaps://test-ldap.rutgers.edu:636/dc=rutgers,dc=edu

ldap.nonPersonLdap.user = uid=service-dn,ou=Special Users,dc=rutgers,dc=edu

ldap.nonPersonLdap.pass = secret

ldap.nonPersonLdap.validator = SearchValidator

ldap.nonPersonLdap.validatorCompareDn = ou=Special Users,dc=rutgers,dc=edu

ldap.nonPersonLdap.validatorCompareAttribute = ou

ldap.nonPersonLdap.validatorCompareValue = person, group, application

com.sun.jndi.ldap.read.timeout=300000

 
 
Please find attached our subject.properties file. 
 

 

 

 

Below is the response from grouper 2.3 on dev server.

 

 

Thanks,

Siju Jacob

From: Hyzer, Chris <>
Sent: Friday, August 9, 2019 9:35 AM
To: Black, Carey M. <>; Siju Jacob <>; Mailing List <>
Subject: RE: PROBLEM_GETTING_MEMBERS grouper ws 2.4

 

You can log requests and responses:

 

https://spaces.at.internet2.edu/display/Grouper/Grouper+Web+Services#GrouperWebServices-Loggingrequestsandresponses

 

Can you send us the output in 2.3 and 2.4?  😊  do you still have a 2.3 env?  Are you sure the privileges are ok for the caller?  Does the call work with grouper client?

 

You can call the 2.3 service in 2.4, though it uses the same underlying logic as 2.4.  Does it make a difference?

 

Can you reproduce this in a test env?

 

I don’t think you should run 2.3 web service against a 2.4 registry…  lets try to figure out the issue

 

Thanks

Chris

 

 

 

From: <> On Behalf Of Black, Carey M.
Sent: Thursday, August 08, 2019 11:45 PM
To: Siju Jacob <>; Mailing List <>
Subject: RE: [grouper-users] PROBLEM_GETTING_MEMBERS grouper ws 2.4

 

Siju,

 

I have not tracked down the code that produces the output string you are reporting.

However I find it “odd”  that there is a “,\n” at the end of the groupName value.  Maybe that is being added in that error message… but maybe not….

 

 

Is it possible that you are actually passing a string to the Web Service that ends in “a comma and a hard return” as part of the group name?

 

--

Carey Matthew

 

From: <> On Behalf Of Siju Jacob
Sent: Wednesday, August 7, 2019 2:04 PM
To: Mailing List <>
Subject: [grouper-users] PROBLEM_GETTING_MEMBERS grouper ws 2.4

 

Hi Team,

    We are having issues with grouper webservice 2.4. With grouper ws 2.4 we get the below response using restclient.

 

{"WsGetMembersResults":{"resultMetadata":{"success":"F","resultCode":"PROBLEM_GETTING_MEMBERS","resultMessage":"There were 0 successes and 1 failures of getting members for groups."},"subjectAttributeNames":["loginid","name"],"responseMetadata":{"serverVersion":"2.4.0","millis":"1248"},"results":[{"resultMetadata":{"success":"F","resultCode":"GROUP_NOT_FOUND","resultMessage":"Invalid group for 'wsGroupLookup', WsGroupLookup[pitGroups=[],groupName=apps:oit:eas:idm:Open_Registry:RBHS-Services-Requesters,\n  groupFindResult=GROUP_NOT_FOUND], WsGroupLookup[pitGroups=[],groupName=apps:oit:eas:idm:Open_Registry:RBHS-Services-Requesters,\n  groupFindResult=GROUP_NOT_FOUND], null"}}]}}

 

Whereas it works fine with grouper ws 2.3.

 

My question here is can we have grouper ui 2.4 running with grouper ws 2.3.

 

 

Thanks,

Siju Jacob

Attachment: subject.properties
Description: subject.properties


Archive powered by MHonArc 2.6.19.

Top of Page