Hi,

I did the following:

1. /etc/ovirt-engine/extensions.d/eayunosAuthn.properties

ovirt.engine.extension.name = eayunosAuthn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = testad
ovirt.engine.aaa.authn.authz.plugin = eayunosAuthz
config.profile.file.1 = /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties

2. /etc/ovirt-engine/extensions.d/eayunosAuthz.properties

ovirt.engine.extension.name = eayunosAuthz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module = org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class = org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 = /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties

3. /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties (I just modified the fiirst three variables)

include = <ad.properties>

vars.user = lijiansheng
vars.password = 1qaz@WSX
vars.domain = eayunos.com
vars.dns = dns://dc1.${global:vars.domain} dns://dc2.${global:vars.domain}

pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url = ${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
pool.default.ssl.startTLS = true
pool.default.ssl.truststore.file = ${local:_basedir}/${global:vars.domain}.jks
pool.default.ssl.truststore.password = changeit
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}


And this time there is another error in engine.log:

2014-10-20 01:59:32,291 INFO  [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-3) Loading extension 'eayunosAuthn'
2014-10-20 01:59:32,839 ERROR [org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC service thread 1-3) Could not load extension based on configuration file '/etc/ovirt-engine/extensions.d/eayunosAuthn.properties'. Please check the configuration file is valid. Exception message is: Error loading extension 'eayunosAuthn': Exception: class java.lang.StackOverflowError: null
2014-10-20 01:59:32,843 INFO  [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread 1-3) Loading extension 'eayunosAuthz'
2014-10-20 01:59:33,206 ERROR [org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC service thread 1-3) Could not load extension based on configuration file '/etc/ovirt-engine/extensions.d/eayunosAuthz.properties'. Please check the configuration file is valid. Exception message is: Error loading extension 'eayunosAuthz': Exception: class java.lang.StackOverflowError: null


Thanks for your help :)

plysan


2014-10-20 1:09 GMT+08:00 Alon Bar-Lev <alonbl@redhat.com>:
Hi,

You need to refer to ad.properties from your profile, in this profile you need to specify credentials and settings to access the active directory.

For example, how can the implementation guess where your active directory is? what is the user that is to be used to access it?

Please follow extension configuration[1] and create two extensions per documentation.
1. authn - authentication
2. authz - authorization.

Both extensions should refer to your profile[2] that specifies the required information.

Regards,
Alon

[1] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l17
[2] http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=blob;f=README;hb=HEAD#l97

----- Original Message -----
> From: "plysan" <plysab@gmail.com>
> To: "Users@ovirt.org List" <users@ovirt.org>
> Sent: Sunday, October 19, 2014 7:58:48 PM
> Subject: [ovirt-users] Null object error with ovirt-engine-extension-ldap
>
> Hello,
>
> After I adding a AD directory server to oVirt using manage-domains, I
> installed the extension-ldap package. My setup is as follows:
>
> 1. /etc/ovirt-engine/extensions.d/eayunos.properties
>
> ovirt.engine.extension.name = eayunos
> ovirt.engine.extension.bindings.method = jbossmodule
> ovirt.engine.extension.binding.jbossmodule.module =
> org.ovirt.engine-extensions.aaa.ldap
> ovirt.engine.extension.binding.jbossmodule.class =
> org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
> config.profile.file.1 =
> /usr/share/ovirt-engine-extension-aaa-ldap/profiles/ad.properties
>
> 2. restart ovirt
>
> But after that there is a error in engine.log:
>
> 2014-10-20 00:52:11,199 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Loading extension 'builtin-authn-internal'
> 2014-10-20 00:52:11,201 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'builtin-authn-internal' loaded
> 2014-10-20 00:52:11,202 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Loading extension 'internal'
> 2014-10-20 00:52:11,203 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'internal' loaded
> 2014-10-20 00:52:11,218 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Loading extension ' builtin-authn-eayunos.com '
> 2014-10-20 00:52:11,232 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension ' builtin-authn-eayunos.com ' loaded
> 2014-10-20 00:52:11,245 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Loading extension ' eayunos.com '
> 2014-10-20 00:52:11,247 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension ' eayunos.com ' loaded
> 2014-10-20 00:52:11,252 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Loading extension 'ovirtSyslog'
> 2014-10-20 00:52:11,253 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'ovirtSyslog' loaded
> 2014-10-20 00:52:11,257 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Loading extension 'eayunos'
> 2014-10-20 00:52:11,286 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'eayunos' loaded
> 2014-10-20 00:52:11,287 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Initializing extension 'builtin-authn-internal'
> 2014-10-20 00:52:11,288 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'builtin-authn-internal' initialized
> 2014-10-20 00:52:11,289 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Initializing extension 'eayunos'
> 2014-10-20 00:52:11,290 INFO [org.ovirt.engineextensions.aaa.ldap.Framework]
> (MSC service thread 1-16) Creating LDAP pool 'authz' for 'eayunos'
> 2014-10-20 00:52:11,305 ERROR
> [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
> 1-16) Cannot initialize LDAP framework, deferring initialization. Error: A
> null object was provided where a non-null object is required (non-null index
> 0). Thread stack trace: getStackTrace(Thread.java:1589) /
> ensureNotNull(Validator.java:60) / <init>(SingleServerSet.java:140) /
> createConnectionPool(Framework.java:516) / createPool(Framework.java:632) /
> runSequence(Framework.java:1312) / open(Framework.java:666) /
> ensureFramework(AuthzExtension.java:104) / doInit(AuthzExtension.java:436) /
> invoke(AuthzExtension.java:368) / invoke(ExtensionProxy.java:49) /
> invoke(ExtensionProxy.java:73) / invoke(ExtensionProxy.java:109) /
> initialize(ExtensionsManager.java:308) /
> engineInitialize(EngineExtensionsManager.java:111) /
> initialize(Backend.java:266) / create(Backend.java:138) /
> invoke0(NativeMethodAccessorImpl.java) /
> invoke(NativeMethodAccessorImpl.java:57) /
> invoke(DelegatingMethodAccessorImpl.java:43) / invoke(Method.java:606) /
> processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:130)
> / proceed(InterceptorContext.java:288) /
> processInvocation(WeavedInterceptor.java:53) /
> proceed(InterceptorContext.java:288) /
> processInvocation(WeldInjectionInterceptor.java:73) /
> proceed(InterceptorContext.java:288) /
> processInvocation(ManagedReferenceInterceptorFactory.java:95) /
> proceed(InterceptorContext.java:288) /
> processInvocation(ManagedReferenceInterceptorFactory.java:95) /
> proceed(InterceptorContext.java:288) /
> processInvocation(WeavedInterceptor.java:53) /
> proceed(InterceptorContext.java:288) /
> processInvocation(NamespaceContextInterceptor.java:50) /
> proceed(InterceptorContext.java:288) /
> invokeInOurTx(CMTTxInterceptor.java:228) /
> requiresNew(CMTTxInterceptor.java:333) /
> processInvocation(SingletonLifecycleCMTTxInterceptor.java:56) /
> proceed(InterceptorContext.java:288) /
> processInvocation(CurrentInvocationContextInterceptor.java:41) /
> proceed(InterceptorContext.java:288) /
> processInvocation(TCCLInterceptor.java:45) /
> proceed(InterceptorContext.java:288) /
> processInvocation(ChainedInterceptor.java:61) /
> constructComponentInstance(BasicComponent.java:161) /
> createInstance(BasicComponent.java:85) /
> getComponentInstance(SingletonComponent.java:116) /
> start(SingletonComponent.java:130) / start(ComponentStartService.java:44) /
> startService(ServiceControllerImpl.java:1811) /
> run(ServiceControllerImpl.java:1746) /
> runWorker(ThreadPoolExecutor.java:1145) / run(ThreadPoolExecutor.java:615) /
> run(Thread.java:745)
> 2014-10-20 00:52:11,313 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'eayunos' initialized
> 2014-10-20 00:52:11,314 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Initializing extension 'ovirtSyslog'
> 2014-10-20 00:52:11,327 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'ovirtSyslog' initialized
> 2014-10-20 00:52:11,327 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Initializing extension ' builtin-authn-eayunos.com '
> 2014-10-20 00:52:11,330 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension ' builtin-authn-eayunos.com ' initialized
> 2014-10-20 00:52:11,331 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Initializing extension ' eayunos.com '
> 2014-10-20 00:52:11,332 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension ' eayunos.com ' initialized
> 2014-10-20 00:52:11,333 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Initializing extension 'internal'
> 2014-10-20 00:52:11,334 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Extension 'internal' initialized
> 2014-10-20 00:52:11,334 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Start of enabled extensions list
> 2014-10-20 00:52:11,335 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Instance name: 'builtin-authn-internal', Extension name: 'Internal
> Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '
> http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
> '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,337 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Instance name: 'eayunos', Extension name: 'aaa.ldap.authz', Version:
> '0.0.0_master', Notes: 'Display name:
> ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6',
> License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt
> Project', Build interface Version: '0', File:
> '/etc/ovirt-engine/extensions.d/eayunos.properties', Initialized: 'true'
> 2014-10-20 00:52:11,338 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Instance name: 'ovirtSyslog', Extension name: 'Log4jLogger', Version:
> '0.0.0', Notes: 'Display name:
> ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6',
> License: 'ASL 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt
> Project', Build interface Version: '0', File:
> '/etc/ovirt-engine/extensions.d/Log4jLogger.properties', Initialized: 'true'
> 2014-10-20 00:52:11,340 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Instance name: ' builtin-authn-eayunos.com ', Extension name:
> 'Kerberos/Ldap Authn (Built-in)', Version: 'N/A', Notes: '', License: 'ASL
> 2.0', Home: ' http://www.ovirt.org ', Author 'The oVirt Project', Build
> interface Version: '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,342 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Instance name: ' eayunos.com ', Extension name: 'Kerberos/Ldap Authz
> (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '
> http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
> '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,343 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) Instance name: 'internal', Extension name: 'Internal Authz
> (Built-in)', Version: 'N/A', Notes: '', License: 'ASL 2.0', Home: '
> http://www.ovirt.org ', Author 'The oVirt Project', Build interface Version:
> '0', File: 'N/A', Initialized: 'true'
> 2014-10-20 00:52:11,345 INFO
> [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service thread
> 1-16) End of enabled extensions list
>
>
> My environment:
>
> # cat /etc/issue
> CentOS release 6.5 (Final)
>
> # rpm -qa |grep aaa-ldap
> ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch
>
> # rpm -qa |grep ovirt-engine
> ovirt-engine-setup-plugin-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-extensions-api-impl-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-tools-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-userportal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-extension-aaa-misc-0.0.0-0.0.master.20140902120001.git1fa6912.el6.noarch
> ovirt-engine-lib-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-setup-plugin-ovirt-engine-common-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-cli-3.5.0.6-0.1.20140926.gitbbb1e44.el6.noarch
> ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6.noarch
> ovirt-engine-setup-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-dbscripts-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-webadmin-portal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-restapi-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-setup-base-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-sdk-python-3.5.0.8-0.1.20140926.gitd3a5e4d.el6.noarch
> ovirt-engine-setup-plugin-ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-backend-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> ovirt-engine-sdk-java-3.5.0.6-0.1.20140910.git05ab94f.el6.noarch
> ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch
> ovirt-engine-jboss-as-7.1.1-1.el6.x86_64
>
>
> Can anyone give me some help?
>
> Thanks!
>
>
> _______________________________________________
> Users mailing list
> Users@ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
>