Hyland Connect

b_schnarr · ‎03-06-2014

Maybe, I did something wrong. When I use local users, the user form type works well and I can select my assignee. Now I connected the Explorer to an LDAP. The integration works well but the user form type does not show any users anymore.

Did I something wrong or is this a bug?

Thank you
Ben

b_schnarr · ‎03-12-2014

Same result with <code>if (searchText.length() > 3) {</code> even though Klaus Kerberos exists and he has forename and surename…
What I can say for sure: This error occurs when a user has no sur- or forename. But I do not know where to catch this…
I also tried with <code>       List<User> results = ProcessEngines.getDefaultProcessEngine()
              .getIdentityService()
              .createUserQuery()
              .userFullNameLike(searchText)
              .memberOfGroup("activiti_users")
              .list();</code>

only to list users which are in the group "activiti_users". But that query does not work. All Users where shown

tombo · ‎03-13-2014

For every attribute present in the configuration
<code>
<!– Attribute config –>
                <property name="userIdAttribute" value="cn" />
                <property name="userFirstNameAttribute" value="givenName" />
                <property name="userLastNameAttribute" value="sn" />
</code>
there must be attribute value present in the LDAP, otherwise error will be thrown.
When search for Klaus Kerberos is being performed and user found but anyway error occurs, is any other user displayed in list? If this user doesn’t have any of requested attributes populated, then this will explain that Klaus Kerberos user is found but error thrown anyway.

b_schnarr · ‎03-13-2014

Klaus Kerberos has cn = Klaus Kerberos, sn = Kerberos and givenName = Klaus. In the whole LDAP, there are just 2 users beginning with Ker: Kerberos and Kermit (both have fore- and surename). I use the rule > 3. When I type in "Kerm", the User Kermit is correctly found without error. When I type In "Kerb", the user Klaus Kerberos is not found and the error is thrown. When I add 1 letter (Kerbe), user Klaus Kerberos is found correctly. When I type in Klaus, the user is found correctly as well.

This is very strange. Is there a way to catch those exceptions? Because everything seems to be right with the user Klaus Kerberos. With the original rule >=2, this error occurs as soon as the first 2 letters are typed in. Maybe because then, more users are listed in the search box and in our LDAP, there are indeed users without fore- and lastname. With more letters, the search is more selective. Ok, accepted. But with user Klaus Kerberos, everything is fine.

Can you reproduce those errors? If we could catch this, we would be on the save side. At lease for a productive environment, the error should not be thrown. In addition, I do not understand the null pointer, because everything is checked for null…

Thanks your your answers

tombo · ‎03-13-2014

I'll try to confirm your findings but it will have to wait for next week, as I'm hard pressed with my job.
I'm interested to get this working.
For now, it looks like user search (which is done against cn attribute) works well only with beginning 4 letters of user name (Kerm, Klaus,..). Maybe you could look in to the userFullNameLike method from UserQueryImpl.java which compares user name values.

b_schnarr · ‎03-13-2014

Thank you. The thing is that I do not understand why it runs in a null pointer. Because the attributes were only set when <code>ldapConfigurator.getUserFirstNameAttribute() != null</code>
I also added <code> && user != null && result != null</code>

Without success.

tombo · ‎03-13-2014

Disclaimer! I'm an old fart and been dealing with programming for less than two years. My comments might be wrong due to lack of knowledge. (would be nice signature)

Now, <code>ldapConfigurator.getUserFirstNameAttribute() != null …</code> sets attribute value if „userFirstNameAttribute“ exists in the activiti-standalone-context.xml, and it does exist.
Edit:
Condition result != null is ~~never met~~ is not necessary as there is always something in the resulting LDAP query.
You should first get attribute value and check whether is null and if not then set attribute value in the LDAPUserManager.java (your post #10).

b_schnarr · ‎03-13-2014

Ok, but where should I check the attribute value?

tombo · ‎03-13-2014

Could you test this code?
<code>
    if (ldapConfigurator.getUserFirstNameAttribute() != null) {
        String attributevalue = result.getAttributes().get(ldapConfigurator.getUserIdAttribute()).get().toString();
        if(attributevalue==null || attributevalue.trim().length()==0 || attributevalue.equals("null")) {
     user.setFirstName("DummyValue");
        } else {
      user.setFirstName(attributevalue);
    }
    }
</code>
Apply the same for LastNameAttribute

b_schnarr · ‎03-13-2014

Tried it and I get <code>Caused by: java.lang.NullPointerException
at org.activiti.ldap.LDAPUserManager.mapSearchResultToUser(LDAPUserManager.java:170)</code>

In my case, line 170 is this here:

<code>String attributevalue2 = result.getAttributes().get(ldapConfigurator.getUserLastNameAttribute()).get().toString(); </code>

tombo · ‎03-13-2014

Ah, Catch- 22. We should know that string is null before we get it's value. On the other side, it's clear that attribute value is coming as null from the LDAP.
So, every LDAP user must have all attributes populated. I don't see other way to handle this. Question remains, why is search working with +1 letter (from condition number) if search string phrase is equal to second part of user name (for Klaus Kerberos works with Klau but not with kerb).

Hyland Connect

User Form Type does not show users when using LDAP