From: "plysan" <plysab(a)gmail.com>
To: "Alon Bar-Lev" <alonbl(a)redhat.com>
Cc: "Users(a)ovirt.org List" <users(a)ovirt.org>
Sent: Sunday, October 19, 2014 9:06:37 PM
Subject: Re: [ovirt-users] Null object error with ovirt-engine-extension-ldap
Hi,
I did the following:
1. /etc/ovirt-engine/extensions.d/eayunosAuthn.properties
ovirt.engine.extension.name = eayunosAuthn
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthnExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authn
ovirt.engine.aaa.authn.profile.name = testad
ovirt.engine.aaa.authn.authz.plugin = eayunosAuthz
config.profile.file.1 =
/usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties
please use your own file, put it at /etc/ovirt-engine/aaa or something, please do not
override package files.
2. /etc/ovirt-engine/extensions.d/eayunosAuthz.properties
ovirt.engine.extension.name = eayunosAuthz
ovirt.engine.extension.bindings.method = jbossmodule
ovirt.engine.extension.binding.jbossmodule.module =
org.ovirt.engine-extensions.aaa.ldap
ovirt.engine.extension.binding.jbossmodule.class =
org.ovirt.engineextensions.aaa.ldap.AuthzExtension
ovirt.engine.extension.provides = org.ovirt.engine.api.extensions.aaa.Authz
config.profile.file.1 =
/usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties
3. /usr/share/ovirt-engine-extension-aaa-ldap/profiles/common.properties (I
just modified the fiirst three variables)
please use your own file, put it at /etc/ovirt-engine/aaa or something, please do not
override package files.
pool.default.serverset.type = srvrecord
pool.default.serverset.srvrecord.domain = ${global:vars.domain}
pool.default.serverset.srvrecord.jndi-properties.java.naming.provider.url =
${global:vars.dns}
pool.default.socketfactory.resolver.uRL = ${global:vars.dns}
pool.default.ssl.startTLS = true
pool.default.ssl.truststore.file =
${local:_basedir}/${global:vars.domain}.jks
pool.default.ssl.truststore.password = changeit
pool.default.auth.simple.bindDN = ${global:vars.user}
pool.default.auth.simple.password = ${global:vars.password}
And this time there is another error in engine.log:
2014-10-20 01:59:32,291 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread 1-3) Loading extension 'eayunosAuthn'
2014-10-20 01:59:32,839 ERROR
[org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC
service thread 1-3) Could not load extension based on configuration file
'/etc/ovirt-engine/extensions.d/eayunosAuthn.properties'. Please check the
configuration file is valid. Exception message is: Error loading extension
'eayunosAuthn': Exception: class java.lang.StackOverflowError: null
yes, as the ad.properties includes common.properties which you modified to include
ad.properties, so you created infinite loop.
2014-10-20 01:59:32,843 INFO
[org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
thread 1-3) Loading extension 'eayunosAuthz'
2014-10-20 01:59:33,206 ERROR
[org.ovirt.engine.core.utils.extensionsmgr.EngineExtensionsManager] (MSC
service thread 1-3) Could not load extension based on configuration file
'/etc/ovirt-engine/extensions.d/eayunosAuthz.properties'. Please check the
configuration file is valid. Exception message is: Error loading extension
'eayunosAuthz': Exception: class java.lang.StackOverflowError: null
Thanks for your help :)
plysan
2014-10-20 1:09 GMT+08:00 Alon Bar-Lev <alonbl(a)redhat.com>:
> Hi,
>
> You need to refer to ad.properties from your profile, in this profile you
> need to specify credentials and settings to access the active directory.
>
> For example, how can the implementation guess where your active directory
> is? what is the user that is to be used to access it?
>
> Please follow extension configuration[1] and create two extensions per
> documentation.
> 1. authn - authentication
> 2. authz - authorization.
>
> Both extensions should refer to your profile[2] that specifies the
> required information.
>
> Regards,
> Alon
>
> [1]
>
http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=bl...
> [2]
>
http://gerrit.ovirt.org/gitweb?p=ovirt-engine-extension-aaa-ldap.git;a=bl...
>
> ----- Original Message -----
> > From: "plysan" <plysab(a)gmail.com>
> > To: "Users(a)ovirt.org List" <users(a)ovirt.org>
> > Sent: Sunday, October 19, 2014 7:58:48 PM
> > Subject: [ovirt-users] Null object error with ovirt-engine-extension-ldap
> >
> > Hello,
> >
> > After I adding a AD directory server to oVirt using manage-domains, I
> > installed the extension-ldap package. My setup is as follows:
> >
> > 1. /etc/ovirt-engine/extensions.d/eayunos.properties
> >
> > ovirt.engine.extension.name = eayunos
> > ovirt.engine.extension.bindings.method = jbossmodule
> > ovirt.engine.extension.binding.jbossmodule.module =
> > org.ovirt.engine-extensions.aaa.ldap
> > ovirt.engine.extension.binding.jbossmodule.class =
> > org.ovirt.engineextensions.aaa.ldap.AuthzExtension
> > ovirt.engine.extension.provides =
> org.ovirt.engine.api.extensions.aaa.Authz
> > config.profile.file.1 =
> > /usr/share/ovirt-engine-extension-aaa-ldap/profiles/ad.properties
> >
> > 2. restart ovirt
> >
> > But after that there is a error in engine.log:
> >
> > 2014-10-20 00:52:11,199 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Loading extension 'builtin-authn-internal'
> > 2014-10-20 00:52:11,201 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'builtin-authn-internal' loaded
> > 2014-10-20 00:52:11,202 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Loading extension 'internal'
> > 2014-10-20 00:52:11,203 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'internal' loaded
> > 2014-10-20 00:52:11,218 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Loading extension '
builtin-authn-eayunos.com '
> > 2014-10-20 00:52:11,232 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension '
builtin-authn-eayunos.com ' loaded
> > 2014-10-20 00:52:11,245 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Loading extension '
eayunos.com '
> > 2014-10-20 00:52:11,247 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension '
eayunos.com ' loaded
> > 2014-10-20 00:52:11,252 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Loading extension 'ovirtSyslog'
> > 2014-10-20 00:52:11,253 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'ovirtSyslog' loaded
> > 2014-10-20 00:52:11,257 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Loading extension 'eayunos'
> > 2014-10-20 00:52:11,286 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'eayunos' loaded
> > 2014-10-20 00:52:11,287 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Initializing extension 'builtin-authn-internal'
> > 2014-10-20 00:52:11,288 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'builtin-authn-internal' initialized
> > 2014-10-20 00:52:11,289 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Initializing extension 'eayunos'
> > 2014-10-20 00:52:11,290 INFO
> [org.ovirt.engineextensions.aaa.ldap.Framework]
> > (MSC service thread 1-16) Creating LDAP pool 'authz' for
'eayunos'
> > 2014-10-20 00:52:11,305 ERROR
> > [org.ovirt.engineextensions.aaa.ldap.AuthzExtension] (MSC service thread
> > 1-16) Cannot initialize LDAP framework, deferring initialization. Error:
> A
> > null object was provided where a non-null object is required (non-null
> index
> > 0). Thread stack trace: getStackTrace(Thread.java:1589) /
> > ensureNotNull(Validator.java:60) / <init>(SingleServerSet.java:140) /
> > createConnectionPool(Framework.java:516) /
> createPool(Framework.java:632) /
> > runSequence(Framework.java:1312) / open(Framework.java:666) /
> > ensureFramework(AuthzExtension.java:104) /
> doInit(AuthzExtension.java:436) /
> > invoke(AuthzExtension.java:368) / invoke(ExtensionProxy.java:49) /
> > invoke(ExtensionProxy.java:73) / invoke(ExtensionProxy.java:109) /
> > initialize(ExtensionsManager.java:308) /
> > engineInitialize(EngineExtensionsManager.java:111) /
> > initialize(Backend.java:266) / create(Backend.java:138) /
> > invoke0(NativeMethodAccessorImpl.java) /
> > invoke(NativeMethodAccessorImpl.java:57) /
> > invoke(DelegatingMethodAccessorImpl.java:43) / invoke(Method.java:606) /
> >
> processInvocation(ManagedReferenceLifecycleMethodInterceptorFactory.java:130)
> > / proceed(InterceptorContext.java:288) /
> > processInvocation(WeavedInterceptor.java:53) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(WeldInjectionInterceptor.java:73) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(ManagedReferenceInterceptorFactory.java:95) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(ManagedReferenceInterceptorFactory.java:95) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(WeavedInterceptor.java:53) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(NamespaceContextInterceptor.java:50) /
> > proceed(InterceptorContext.java:288) /
> > invokeInOurTx(CMTTxInterceptor.java:228) /
> > requiresNew(CMTTxInterceptor.java:333) /
> > processInvocation(SingletonLifecycleCMTTxInterceptor.java:56) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(CurrentInvocationContextInterceptor.java:41) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(TCCLInterceptor.java:45) /
> > proceed(InterceptorContext.java:288) /
> > processInvocation(ChainedInterceptor.java:61) /
> > constructComponentInstance(BasicComponent.java:161) /
> > createInstance(BasicComponent.java:85) /
> > getComponentInstance(SingletonComponent.java:116) /
> > start(SingletonComponent.java:130) /
> start(ComponentStartService.java:44) /
> > startService(ServiceControllerImpl.java:1811) /
> > run(ServiceControllerImpl.java:1746) /
> > runWorker(ThreadPoolExecutor.java:1145) /
> run(ThreadPoolExecutor.java:615) /
> > run(Thread.java:745)
> > 2014-10-20 00:52:11,313 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'eayunos' initialized
> > 2014-10-20 00:52:11,314 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Initializing extension 'ovirtSyslog'
> > 2014-10-20 00:52:11,327 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'ovirtSyslog' initialized
> > 2014-10-20 00:52:11,327 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Initializing extension '
builtin-authn-eayunos.com '
> > 2014-10-20 00:52:11,330 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension '
builtin-authn-eayunos.com ' initialized
> > 2014-10-20 00:52:11,331 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Initializing extension '
eayunos.com '
> > 2014-10-20 00:52:11,332 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension '
eayunos.com ' initialized
> > 2014-10-20 00:52:11,333 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Initializing extension 'internal'
> > 2014-10-20 00:52:11,334 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Extension 'internal' initialized
> > 2014-10-20 00:52:11,334 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Start of enabled extensions list
> > 2014-10-20 00:52:11,335 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Instance name: 'builtin-authn-internal', Extension name:
'Internal
> > Authn (Built-in)', Version: 'N/A', Notes: '', License:
'ASL 2.0', Home: '
> >
http://www.ovirt.org ', Author 'The oVirt Project', Build
interface
> Version:
> > '0', File: 'N/A', Initialized: 'true'
> > 2014-10-20 00:52:11,337 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Instance name: 'eayunos', Extension name:
'aaa.ldap.authz',
> Version:
> > '0.0.0_master', Notes: 'Display name:
> >
>
ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6',
> > License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author
'The oVirt
> > Project', Build interface Version: '0', File:
> > '/etc/ovirt-engine/extensions.d/eayunos.properties', Initialized:
'true'
> > 2014-10-20 00:52:11,338 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Instance name: 'ovirtSyslog', Extension name:
'Log4jLogger',
> Version:
> > '0.0.0', Notes: 'Display name:
> >
> ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6',
> > License: 'ASL 2.0', Home: '
http://www.ovirt.org ', Author
'The oVirt
> > Project', Build interface Version: '0', File:
> > '/etc/ovirt-engine/extensions.d/Log4jLogger.properties', Initialized:
> 'true'
> > 2014-10-20 00:52:11,340 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Instance name: '
builtin-authn-eayunos.com ', Extension name:
> > 'Kerberos/Ldap Authn (Built-in)', Version: 'N/A', Notes:
'', License:
> 'ASL
> > 2.0', Home: '
http://www.ovirt.org ', Author 'The oVirt
Project', Build
> > interface Version: '0', File: 'N/A', Initialized:
'true'
> > 2014-10-20 00:52:11,342 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Instance name: '
eayunos.com ', Extension name:
'Kerberos/Ldap
> Authz
> > (Built-in)', Version: 'N/A', Notes: '', License: 'ASL
2.0', Home: '
> >
http://www.ovirt.org ', Author 'The oVirt Project', Build
interface
> Version:
> > '0', File: 'N/A', Initialized: 'true'
> > 2014-10-20 00:52:11,343 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) Instance name: 'internal', Extension name: 'Internal Authz
> > (Built-in)', Version: 'N/A', Notes: '', License: 'ASL
2.0', Home: '
> >
http://www.ovirt.org ', Author 'The oVirt Project', Build
interface
> Version:
> > '0', File: 'N/A', Initialized: 'true'
> > 2014-10-20 00:52:11,345 INFO
> > [org.ovirt.engine.core.extensions.mgr.ExtensionsManager] (MSC service
> thread
> > 1-16) End of enabled extensions list
> >
> >
> > My environment:
> >
> > # cat /etc/issue
> > CentOS release 6.5 (Final)
> >
> > # rpm -qa |grep aaa-ldap
> >
>
ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch
> >
> > # rpm -qa |grep ovirt-engine
> >
>
ovirt-engine-setup-plugin-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
>
ovirt-engine-extensions-api-impl-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> > ovirt-engine-tools-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-userportal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
>
ovirt-engine-extension-aaa-misc-0.0.0-0.0.master.20140902120001.git1fa6912.el6.noarch
> > ovirt-engine-lib-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
>
ovirt-engine-setup-plugin-ovirt-engine-common-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-websocket-proxy-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> > ovirt-engine-cli-3.5.0.6-0.1.20140926.gitbbb1e44.el6.noarch
> >
> ovirt-engine-extension-logger-log4j-0.0.0-1.20141006155019.gitfef2d2a.el6.noarch
> > ovirt-engine-setup-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-dbscripts-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-webadmin-portal-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-restapi-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> > ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-setup-base-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> > ovirt-engine-sdk-python-3.5.0.8-0.1.20140926.gitd3a5e4d.el6.noarch
> >
>
ovirt-engine-setup-plugin-ovirt-engine-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> >
> ovirt-engine-backend-3.5.1-0.0.master.20141017171921.git1b75b82.el6.noarch
> > ovirt-engine-sdk-java-3.5.0.6-0.1.20140910.git05ab94f.el6.noarch
> >
>
ovirt-engine-extension-aaa-ldap-0.0.0-0.0.master.20141018224300.gita43f663.el6.noarch
> > ovirt-engine-jboss-as-7.1.1-1.el6.x86_64
> >
> >
> > Can anyone give me some help?
> >
> > Thanks!
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users(a)ovirt.org
> >
http://lists.ovirt.org/mailman/listinfo/users
> >
>