Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] LDAP UnboundID bug? (hardcoded JNDI reference)

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] LDAP UnboundID bug? (hardcoded JNDI reference)


Chronological Thread 
  • From: Shilen Patel <>
  • To: Baron Fujimoto <>
  • Cc: Grouper Users <>
  • Subject: Re: [grouper-users] LDAP UnboundID bug? (hardcoded JNDI reference)
  • Date: Fri, 4 Jun 2021 11:47:14 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=duke.edu; dmarc=pass action=none header.from=duke.edu; dkim=pass header.d=duke.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PkYiiCf0Eubor7v3Ioc66XYVQkesiZC4KbuT6I2RJC0=; b=kYTPueHiJqu2Z9DmRTrMaG4Lp4k6YvLbFw7XA8XSDpq0xhaB1abn0HXoFpxrIqs5XRLhgzk9bWIWwt8yT90Ny8knGDc/hazySvTpy5BOLIDGaVK0TCmLb2efKvqPHNhQY81MF1zioXtrsYysoQBkMjDzEWYIRhyu5QA7wltDqyPjpY2Z8GroSvmPIOrcvbcHZ0I1NhaC+z5IB0nRzkKh2K0CQbg/E0Qr+foVz/44P86KiJafB5NwL8HVvOjnYtNzxe6l+h1wrK8qicOxMM0rRly5x8aCLNhGIHEX381T+1Folggt0EWImt8u54Q4SUwNnDRjL5smD6Evkuv4jts44Q==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=FhiceeEnhSVnlcxZC3LffjLTFisGXLzqnIhy2JS6r7aYJrH/F8Lz36dTeraQDJpflAPJof/dcjG7scxUUZGEFB1oR6Bf4co9u585I3U/WkjUWb4XoecbpjZ/EOUxlqwOd6tsUI4GEfj3MC08B9f2h9aAmrbWbZoBWaQN/jvmk9r2zC4u1hwIsSGywKVKVGjKCIE7danBm2iHSSsKihIeTaEXPx6KFFNVspqlTLNzL095310DHRxCKncJrau+Mfck3jjVzKAw5y3LvasjS3Xh58MKyrb3Vfl6noTblT090cUNL/3VNuObtBpvgMk78nvVS0iHTNOhcecY3TNA4ca+4w==

We talked before about upgrading to the latest ldaptive version, which has its own LDAP implementation.  Or using UnboundID directly.  I think the plan was to change this in 2.6. 

 

By the way, what timeout issue are you having currently?  What pool validator settings do you have?  I use the following (to validate every 5 minutes) to avoid timeout issues.

 

ldap.personLdap.validatePeriodically = true

ldap.personLdap.validateTimerPeriod = 300000

 

Are you on Slack?

 

- Shilen 

 

From: <> on behalf of Baron Fujimoto <>
Reply-To: Baron Fujimoto <>
Date: Thursday, June 3, 2021 at 8:50 PM
To: Grouper Users <>
Subject: [grouper-users] LDAP UnboundID bug? (hardcoded JNDI reference)

 

We were trying to use an UnboundID config to work around an F5/JDK/LDAP timeout bug, but we think we've encountered a bug in Grouper that prevents us from using this workaround.

 

When trying UnboundID, Grouper starts up with no issue, but later when LDAP is used it fails at this line (as determined by a consultants we're working with):

 

The source appears to be hard-coded as a JndiProviderConfig and isn't adaptable to UnboundID providers such as org.ldaptive.provider.unboundid.UnboundIDProvider. The consultants suggest that the Grouper devs would need to build in functionality to support both or drop JNDI support and switch these items to UnboundID.

 

--

Baron Fujimoto <> :: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum




Archive powered by MHonArc 2.6.24.

Top of Page