9:06 p.m.
Hi,
I did the following:
1. /etc/ovirt-engine/extensions.d/eayunosAuthn.properties
ovirt.engine.extension.name = eayunosAuthn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = testad
ovirt.engine.aaa.authn.authz.plugin = eayunosAuthz
config.profile.file.1 =
/usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties
2. /etc/ovirt-engine/extensions.d/eayunosAuthz.properties
ovirt.engine.extension.name = eayunosAuthz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 =
/usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties
3. /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties (I
just modified the fiirst three variables)
include = <ad.properties>
vars.user = lijiansheng
vars.password = 1qaz@WSX
vars.domain = eayunos.com
vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
pool.default.ssl.startTLS = true
pool.default.ssl.truststore.file =
${local:_basedir}/${global:vars.domain}.jks
pool.default.ssl.truststore.password = changeit
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
And this time there is another error in engine.log:
2014-10-20 01:59:32,291 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread 1-3) Loading extension 'eayunosAuthn'
2014-10-20 01:59:32,839 ERROR
[org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC
service thread 1-3) Could not load extension based on configuration file
'/etc/ovirt-engine/extensions.d/eayunosAuthn.properties'. Please check the
configuration file is valid. Exception message is: Error loading extension
'eayunosAuthn': Exception: class java.lang.StackOverflowError: null
2014-10-20 01:59:32,843 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread 1-3) Loading extension 'eayunosAuthz'
2014-10-20 01:59:33,206 ERROR
[org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC
service thread 1-3) Could not load extension based on configuration file
'/etc/ovirt-engine/extensions.d/eayunosAuthz.properties'. Please check the
configuration file is valid. Exception message is: Error loading extension
'eayunosAuthz': Exception: class java.lang.StackOverflowError: null
Thanks for your help :)
plysan
2014-10-20 1:09 GMT+08:00 Alon Bar-Lev <alonbl(a)redhat.com>:
Hi,
You need to refer to ad.properties from your profile, in this profile you
need to specify credentials and settings to access the active directory.
For example, how can the implementation guess where your active directory
is? what is the user that is to be used to access it?
Please follow extension configuration[1] and create two extensions per
documentation.
1. authn - authentication
2. authz - authorization.
Both extensions should refer to your profile[2] that specifies the
required information.
Regards,
Alon
[1]
http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=bl...
[2]
http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=bl...
----- Original Message -----
> From: "plysan" <plysab(a)gmail.com>
> To: "Users(a)ovirt.org List" <users(a)ovirt.org>
> Sent: Sunday, October 19, 2014 7:58:48 PM
> Subject: [ovirt-users] Null object error with ovirt-engine-extension-ldap
>
> Hello,
>
> After I adding a AD directory server to oVirt using manage-domains, I
> installed the extension-ldap package. My setup is as follows:
>
> 1. /etc/ovirt-engine/extensions.d/eayunos.properties
>
> ovirt.engine.extension.name = eayunos
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> ovirt.engine.extension.provides =
org.ovirt.engine.api.extensions.aaa.Authz
> config.profile.file.1 =
> /usr/share/ovirt-engine-extension-aaa-ldap/profiles/ad.properties
>
> 2. restart ovirt
>
> But after that there is a error in engine.log:
>
> 2014-10-20 00:52:11,199 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Loading extension 'builtin-authn-internal'
> 2014-10-20 00:52:11,201 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'builtin-authn-internal' loaded
> 2014-10-20 00:52:11,202 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Loading extension 'internal'
> 2014-10-20 00:52:11,203 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'internal' loaded
> 2014-10-20 00:52:11,218 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Loading extension ' builtin-authn-eayunos.com '
> 2014-10-20 00:52:11,232 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension ' builtin-authn-eayunos.com ' loaded
> 2014-10-20 00:52:11,245 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Loading extension ' eayunos.com '
> 2014-10-20 00:52:11,247 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension ' eayunos.com ' loaded
> 2014-10-20 00:52:11,252 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Loading extension 'ovirtSyslog'
> 2014-10-20 00:52:11,253 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'ovirtSyslog' loaded
> 2014-10-20 00:52:11,257 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Loading extension 'eayunos'
> 2014-10-20 00:52:11,286 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'eayunos' loaded
> 2014-10-20 00:52:11,287 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Initializing extension 'builtin-authn-internal'
> 2014-10-20 00:52:11,288 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'builtin-authn-internal' initialized
> 2014-10-20 00:52:11,289 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Initializing extension 'eayunos'
> 2014-10-20 00:52:11,290 INFO
[org.ovirt.engineextensions.aaa.ldap.Framework]
> (MSC service thread 1-16) Creating LDAP pool 'authz' for 'eayunos'
> 2014-10-20 00:52:11,305 ERROR
> [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
> 1-16) Cannot initialize LDAP framework, deferring initialization. Error:
A
> null object was provided where a non-null object is required (non-null
index
> 0). Thread stack trace: getStackTrace(Thread.java:1589) /
> ensureNotNull(Validator.java:60) / <init>(SingleServerSet.java:140) /
> createConnectionPool(Framework.java:516) /
createPool(Framework.java:632) /
> runSequence(Framework.java:1312) / open(Framework.java:666) /
> ensureFramework(AuthzExtension.java:104) /
doInit(AuthzExtension.java:436) /
> invoke(AuthzExtension.java:368) / invoke(ExtensionProxy.java:49) /
> invoke(ExtensionProxy.java:73) / invoke(ExtensionProxy.java:109) /
> initialize(ExtensionsManager.java:308) /
> engineInitialize(EngineExtensionsManager.java:111) /
> initialize(Backend.java:266) / create(Backend.java:138) /
> invoke0(NativeMethodAccessorImpl.java) /
> invoke(NativeMethodAccessorImpl.java:57) /
> invoke(DelegatingMethodAccessorImpl.java:43) / invoke(Method.java:606) /
>
processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:130)
> / proceed(InterceptorContext.java:288) /
> processInvocation(WeavedInterceptor.java:53) /
> proceed(InterceptorContext.java:288) /
> processInvocation(WeldInjectionInterceptor.java:73) /
> proceed(InterceptorContext.java:288) /
> processInvocation(ManagedReferenceInterceptorFactory.java:95) /
> proceed(InterceptorContext.java:288) /
> processInvocation(ManagedReferenceInterceptorFactory.java:95) /
> proceed(InterceptorContext.java:288) /
> processInvocation(WeavedInterceptor.java:53) /
> proceed(InterceptorContext.java:288) /
> processInvocation(NamespaceContextInterceptor.java:50) /
> proceed(InterceptorContext.java:288) /
> invokeInOurTx(CMTTxInterceptor.java:228) /
> requiresNew(CMTTxInterceptor.java:333) /
> processInvocation(SingletonLifecycleCMTTxInterceptor.java:56) /
> proceed(InterceptorContext.java:288) /
> processInvocation(CurrentInvocationContextInterceptor.java:41) /
> proceed(InterceptorContext.java:288) /
> processInvocation(TCCLInterceptor.java:45) /
> proceed(InterceptorContext.java:288) /
> processInvocation(ChainedInterceptor.java:61) /
> constructComponentInstance(BasicComponent.java:161) /
> createInstance(BasicComponent.java:85) /
> getComponentInstance(SingletonComponent.java:116) /
> start(SingletonComponent.java:130) /
start(ComponentStartService.java:44) /
> startService(ServiceControllerImpl.java:1811) /
> run(ServiceControllerImpl.java:1746) /
> runWorker(ThreadPoolExecutor.java:1145) /
run(ThreadPoolExecutor.java:615) /
> run(Thread.java:745)
> 2014-10-20 00:52:11,313 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'eayunos' initialized
> 2014-10-20 00:52:11,314 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Initializing extension 'ovirtSyslog'
> 2014-10-20 00:52:11,327 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'ovirtSyslog' initialized
> 2014-10-20 00:52:11,327 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Initializing extension ' builtin-authn-eayunos.com '
> 2014-10-20 00:52:11,330 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension ' builtin-authn-eayunos.com ' initialized
> 2014-10-20 00:52:11,331 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Initializing extension ' eayunos.com '
> 2014-10-20 00:52:11,332 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension ' eayunos.com ' initialized
> 2014-10-20 00:52:11,333 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Initializing extension 'internal'
> 2014-10-20 00:52:11,334 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Extension 'internal' initialized
> 2014-10-20 00:52:11,334 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Start of enabled extensions list
> 2014-10-20 00:52:11,335 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Instance name: 'builtin-authn-internal', Extension name:
'Internal
> Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL
2.0', Home: '
> http://www.ovirt.org ', Author 'The oVirt Project', Build interface
Version:
> '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,337 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Instance name: 'eayunos', Extension name: 'aaa.ldap.authz',
Version:
> '0.0.0_master', Notes: 'Display name:
>
ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6',
> License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The
oVirt
> Project', Build interface Version: '0', File:
> '/etc/ovirt-engine/extensions.d/eayunos.properties', Initialized:
'true'
> 2014-10-20 00:52:11,338 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Instance name: 'ovirtSyslog', Extension name: 'Log4jLogger',
Version:
> '0.0.0', Notes: 'Display name:
>
ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6',
> License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The
oVirt
> Project', Build interface Version: '0', File:
> '/etc/ovirt-engine/extensions.d/Log4jLogger.properties', Initialized:
'true'
> 2014-10-20 00:52:11,340 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Instance name: ' builtin-authn-eayunos.com ', Extension name:
> 'Kerberos/Ldap Authn (Built-in)', Version: 'N/A', Notes: '',
License:
'ASL
> 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt
Project', Build
> interface Version: '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,342 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Instance name: ' eayunos.com ', Extension name: 'Kerberos/Ldap
Authz
> (Built-in)', Version: 'N/A', Notes: '', License: 'ASL
2.0', Home: '
> http://www.ovirt.org ', Author 'The oVirt Project', Build interface
Version:
> '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,343 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) Instance name: 'internal', Extension name: 'Internal Authz
> (Built-in)', Version: 'N/A', Notes: '', License: 'ASL
2.0', Home: '
> http://www.ovirt.org ', Author 'The oVirt Project', Build interface
Version:
> '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,345 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread
> 1-16) End of enabled extensions list
>
>
> My environment:
>
> # cat /etc/issue
> CentOS release 6.5 (Final)
>
> # rpm -qa |grep aaa-ldap
>
ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch
>
> # rpm -qa |grep ovirt-engine
>
ovirt-engine-setup-plugin-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-extensions-api-impl-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-tools-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-userportal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-extension-aaa-misc-0.0.0-0.0.master.20140902120001.git1fa6912.el6.noarch
> ovirt-engine-lib-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-setup-plugin-ovirt-engine-common-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-cli-3.5.0.6-0.1.20140926.gitbbb1e44.el6.noarch
>
ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6.noarch
> ovirt-engine-setup-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-dbscripts-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-webadmin-portal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-restapi-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-setup-base-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-sdk-python-3.5.0.8-0.1.20140926.gitd3a5e4d.el6.noarch
>
ovirt-engine-setup-plugin-ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
>
ovirt-engine-backend-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-sdk-java-3.5.0.6-0.1.20140910.git05ab94f.el6.noarch
>
ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch
> ovirt-engine-jboss-as-7.1.1-1.el6.x86_64
>
>
> Can anyone give me some help?
>
> Thanks!
>
>
> _______________________________________________
> Users mailing list
> Users(a)ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>