Details
-
Type:
Bug
-
Status:
Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 5.1.2, 5.2.3
-
Fix Version/s: 6.0.0 Preview
-
Component/s: None
-
Labels:None
-
Environment:Tomcat 5.5.27, OpenDS 1.2.0
Tomcat 5.5.27, ApacheDS 1.0.2
-
Branch Version/s:5.1.x, 5.2.x
-
Backported to Branch:Committed
-
Similar Issues:
-
Liferay Contributor's Agreement:Accept
Description
If the setting ldap.user.mappings specifies a value for jobTitle= then LDAP Export fails in the following scenarios:
Whilst creating the default user and default admin during CheckCompany logic, if you are starting Liferay with an empty database, after it creates tables and populates them.
When the contact is created, if you are creating a user and don't specify a job title.
When the contact is created during import of an existing user from LDAP, either on a schedule, or during initial logon - because the user is immediately re-exported - which isn't ideal.
You'll likely see one of the following errors:
javax.naming.directory.InvalidAttributeValueException: LDAP: error code 21 - title: value #0 invalid per syntax
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - Entry "xxxxxxxx" contains a value "" for attribute title that is invalid according to the syntax for that attribute: The operation attempted to assign a zero-length value to an attribute with the directory string syntax
Attached is my patch to resolve issues:
1. Default User should not be exported to LDAP.
2. jobTitle export will not attempt to export a blank jobTitle.
3. If you are genuinely replacing the jobTitle with a blank the jobTItle LDAP attribute is actually removed rather than set to a zero length string (which is invalid according to the LDAP schema).
The changes were generated against source for 5.2.3, but I've checked this against trunk and I believe they are still valid. Since I'm working on a copy of source from our own SVN you might notice odd revision numbers in the patch file, hopefully that isn't going to cause an issue.
Jason