cancel
Showing results for 
Search instead for 
Did you mean: 

User Form Type does not show users when using LDAP

b_schnarr
Champ in-the-making
Champ in-the-making
Maybe, I did something wrong. When I use local users, the user form type works well and I can select my assignee. Now I connected the Explorer to an LDAP. The integration works well but the user form type does not show any users anymore.

Did I something wrong or is this a bug?

Thank you
Ben
39 REPLIES 39

b_schnarr
Champ in-the-making
Champ in-the-making
Ok, my fault. Sometimes is the wrong word. Those errors always occur then you try to search user. E.g. when you type in the first 2 letters of kermit, you will get this error. even though there is a LDAP User kermit. What do you suggest? The user form type works fine with local users. All I did is to remove the %-signs. Now, the exceptions occur.

b_schnarr
Champ in-the-making
Champ in-the-making
This here does not help:

<code>
protected void mapSearchResultToUser( SearchResult result, UserEntity user) throws NamingException {
    if (ldapConfigurator.getUserIdAttribute() != null && user != null) {
      user.setId(result.getAttributes().get(ldapConfigurator.getUserIdAttribute()).get().toString());
    }
    if (ldapConfigurator.getUserFirstNameAttribute() != null && user != null) {
      user.setFirstName(result.getAttributes().get(ldapConfigurator.getUserFirstNameAttribute()).get().toString());
    }
    if (ldapConfigurator.getUserLastNameAttribute() != null && user != null) {
      user.setLastName(result.getAttributes().get(ldapConfigurator.getUserLastNameAttribute()).get().toString());
    }
    if (ldapConfigurator.getUserEmailAttribute() != null && user != null) {
      user.setEmail(result.getAttributes().get(ldapConfigurator.getUserEmailAttribute()).get().toString());
    }
  }
</code>

I still get the error from above with <code>Caused by: java.lang.NullPointerException
at org.activiti.ldap.LDAPUserManager.mapSearchResultToUser(LDAPUserManager.java:165)</code>

No idea why. Can anyone help? It would be great if the User Form Type would work with LDAP and it seems that we aren´t far from that because he finds the users in LDAP correctly! The only thing is this exception.

tombo
Champ in-the-making
Champ in-the-making
If we can determine why search fails with two letters but succeeds with four, maybe this will lead to solution. Where is boundary, three or four letters?
It's not a solution but what happens if search trigger condition is changed to >2 instead >=2?

b_schnarr
Champ in-the-making
Champ in-the-making
The Problem seems to occur in the mapSearchResultToUser method in LDAPUserManager.java. The Steps
<code>user.setFirstName(result.getAttributes().get(ldapConfigurator.getUserFirstNameAttribute()).get().toString());</code> and
<code>user.setLastName(result.getAttributes().get(ldapConfigurator.getUserLastNameAttribute()).get().toString());</code>

are causing a Nullpointer-Exception. But I have no idea why… Could this problem occur when only the first one or two letters are typed in and then, the query tries to search for the user but does not find a user object?

Maybe, the line <code>if (ldapConfigurator.getUserIdAttribute() != null) {</code> must be extended to
<code>if (ldapConfigurator.getUserIdAttribute() != null && user!= null) {</code>

What do you think?

b_schnarr
Champ in-the-making
Champ in-the-making
I tried it with <code> if (searchText.length() >= 3) {</code> and <code> if (searchText.length() >= 4) {</code>
If the trigger condition is set to >= 4, the error occurs not so often, but it still occurs….That makes sense because with 4 letters, the query has a better chance to find a user. The Question is why this problem does not happen with local users and how we could avoid them.

Just a thought: Lets say the trigger condition is set to 4. Nothing happens until the 4th letter is typed in. So far so good. Now, there are 2 possibilities. If there are users in the LDAP with names containing these letters, all is good. Otherwise, the error happens.

What is very strange: We have an LDAP User "Klaus Kerberos". With the first 4 letters (kerb), the query finds nothing. With 5letters (kerber), the query finds the user. What sense have the %-signs?

Thanks for your contribution

tombo
Champ in-the-making
Champ in-the-making
% sign is used as wildcard. For LDAP query we should replace this with *.

b_schnarr
Champ in-the-making
Champ in-the-making
Indeed, <code> List<User> results = ProcessEngines.getDefaultProcessEngine()
              .getIdentityService()
              .createUserQuery()
              .userFullNameLike("*" + searchText + "*")
              .list();</code>

works well with LDAP, but this error is still there. I have users without a forename or surename. Then, this errors occures. But there are several other users with a forename and a surename and this error occurs as well. I checked user and result for null, maybe this here is null?? <code> ldapConfigurator.getUserFirstNameAttribute()).get().toString()</code>

tombo
Champ in-the-making
Champ in-the-making
Could you try with <code>if (searchText.length() >3 )</code> and check behaviour on Klaus Kerberos user?

b_schnarr
Champ in-the-making
Champ in-the-making
I searched for Klaus Kerberos it with <code>if (searchText.length() >= 4) {</code> and got the error. When I use >= 3 or >=2, I get this error, too.

tombo
Champ in-the-making
Champ in-the-making
I was curious for condition > and not >=