Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ldap query 'queryGroupsForUser' is not working

slag
Champ in-the-making
Champ in-the-making

‎04-03-2015 09:34 AM

I'm running Activiti 5.16.3 with an ldap connection configured.

I noticed that assigning a task to someone else didn't work and started debugging the ldap part.

The ldapsearch <property name="queryGroupsForUser" value="(&amp;(objectClass=groupOfNames)(member={0}))" /> is wrongly implemented
In the ldap server log i noticed this query:   (&(objectClass=inetOrgPerson)(|(givenName=*%sebas%*)(sn=*%sebas%*))).

This query doesn't work because the '%' is added. I guess this is there to have like in a database.

Any idea where i can remove the '%'
Labels:
0 Kudos
7 REPLIES 7

slag
Champ in-the-making
Champ in-the-making

‎04-03-2015 09:38 AM

looks like the query itself fell of:
<code>
<property name="queryUserByFullNameLike" value="(&amp;(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))" />
</code>
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎04-07-2015 09:12 AM

Where did you find this query?

I can only find that query in a test configuration xml, and it the userguide as an example for ApacheDS.
0 Kudos

slag
Champ in-the-making
Champ in-the-making

‎04-07-2015 09:19 AM

<code>
<property name="queryUserByFullNameLike" value="(&amp;(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))" />
</code>
This is configured in activiti-standalone-context.xml
http://www.activiti.org/userguide/#ldap_configuration (chapter 17.3)
<code>
(&(objectClass=inetOrgPerson)(|(givenName=*%sebas%*)(sn=*%sebas%*)))
</code>
This is the ldapsearch that is performed. It shows the queries in the ldaplog.
We are using openldap.
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎04-14-2015 07:48 AM

Sure, but this is just an example. You are supposed to change it to your LDAP system. LDAP queries are not portable between systems
0 Kudos

slag
Champ in-the-making
Champ in-the-making

‎04-15-2015 05:42 AM

I did change the ldap query and it works in an ldap browser.
The Issue i have is that activiti adds a "%" signs to my query.

"*" is the wildcard character in LDAP.
My query contains: *{1}*. This should result in *sebas*.
The result however according to the log on the ldap server is *%sebas%*

I think that activiti adds the "%" since it is the wildcard for MYSQL.

For the record: this the the query i have configured in activiti-standalone-context.xml
<code>
"(&amp;(objectClass=inetOrgPerson)(|({0}=*{1}*)({2}=*{3}*)))"
</code>
As you can see there is no "%" sign in my query

The result on the ldap server is:
<code>
(&(objectClass=inetOrgPerson)(|(givenName=*%sebas%*)(sn=*%sebas%*)))
</code>
As you can see a % sign is added.
0 Kudos

slag
Champ in-the-making
Champ in-the-making

‎04-17-2015 08:30 AM

I think i bumped into this bug.
http://forums.activiti.org/content/user-form-type-does-not-show-users-when-using-ldap

I will further investigate.
0 Kudos

slag
Champ in-the-making
Champ in-the-making

‎04-17-2015 10:29 AM

You can close this thread.
It should be fixed in later versions.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC