-
Type:
Feature Request
-
Status: Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: 7.0.0 DXP SP2
-
Fix Version/s: None
-
Component/s: Application Security > LDAP
-
Labels:
Background Info
- Under the condition that portal experiences intermittent LDAP server socket connection timeout while importing users and groups, certain users will fail to be imported as a result of NullPointerException, because Null value for LdapContext is returned when LDAP connection is initialized.
- Only under the condition that we set log level for PortalLDAPUtil as Debug, we can see the SocketTimeoutException leads to the failure of binding LDAP server.
- The following error message was see without any context:
[liferay/scheduler_dispatch-2][PortalLDAPUtil:?] Failed to bind to the LDAP server
Areas to improve
- Improve the logging by adding more context to warning message "Failed to bind to the LDAP server", to help diagnose issue in the future.
- Wrap the exception and propagate source exception from PortalLDAPUtil to caller.
- The NPE stack trace stems from method getNameInNamespace in class PortalLDAPUtil at line 434.
package com.liferay.portal.security.ldap; public static String getNameInNamespace( long ldapServerId, long companyId, Binding binding) throws Exception { ... // line 434 String name = binding.getName(); ... }
we can see there is no NULL check for parameter variable "binding" before the call "binding.getName()", so a NULL value check before line 434 with a suitable log message may be very helpful.
Related Log Snippet, further analysis and recommended approach
Attached for reference
- relates
-
LPS-121708 As a System Administrator, I want to have log info with better context that helps locate and resolve issue more quickly
-
- Open
-