
Sorry, I misunderstood. This is outputs after LDAP user logged in. 2014-09-22 21:01:32,619 DEBUG [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (ajp--127.0.0.1-8702-4) doAuthenticateCredentials Entry user='Fumihide' 2014-09-22 21:01:32,620 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence entry name='authn' 2014-09-22 21:01:32,621 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Running sequence authn/010/call resolve user 2014-09-22 21:01:32,621 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,621 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,622 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,622 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,622 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,623 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,623 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,623 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) search_attr__dn = 2014-09-22 21:01:32,623 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,624 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,624 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,624 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,625 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,625 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,626 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,626 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,626 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,627 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,627 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,627 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence entry name='simple-resolve-user' 2014-09-22 21:01:32,627 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Running sequence simple-resolve-user/010/fetch-record resolve user 2014-09-22 21:01:32,628 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,628 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,628 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,628 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,629 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,629 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,629 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,629 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) search_attr__dn = 2014-09-22 21:01:32,630 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,630 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,630 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,631 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,631 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,631 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,631 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,632 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,632 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,632 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,632 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,633 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) searchOpen Entry name='simple-user-mapping', pageSize=0, limit=5 2014-09-22 21:01:32,633 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Creating SearchRequest 2014-09-22 21:01:32,634 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)', attrs={entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail}) 2014-09-22 21:01:32,635 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Entry name='authz' 2014-09-22 21:01:32,635 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Entry name='map-principal-record' 2014-09-22 21:01:32,635 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) AttrMapInfo Return [AttrMapInfo(PrincipalRecord_DEPARTMENT, STRING, '%s', department), AttrMapInfo(PrincipalRecord_DISPLAY_NAME, STRING, '%s', displayName), AttrMapInfo(PrincipalRecord_DN, STRING, '%s', _dn), AttrMapInfo(PrincipalRecord_EMAIL, STRING, '%s', mail), AttrMapInfo(PrincipalRecord_FIRST_NAME, STRING, '%s', givenName), AttrMapInfo(PrincipalRecord_GROUPS_RAW, STRING, '%s', memberOf), AttrMapInfo(PrincipalRecord_ID, STRING, '%s', entryUUID), AttrMapInfo(PrincipalRecord_LAST_NAME, STRING, '%s', sn), AttrMapInfo(PrincipalRecord_NAME, STRING, '%s', uid), AttrMapInfo(PrincipalRecord_PRINCIPAL, STRING, '%s', uid), AttrMapInfo(PrincipalRecord_TITLE, STRING, '%s', title)] 2014-09-22 21:01:32,637 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchOpen Return SearchInstance(searchRequest='SearchRequest(baseDN='dc=rxc05271,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)', attrs={entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail})', doPaging=true, resumeCookie='null', pageSize=100, limitLeft=5, done=false) 2014-09-22 21:01:32,638 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Enter 2014-09-22 21:01:32,638 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchRequest: SearchRequest(baseDN='dc=rxc05271,dc=com', scope=SUB, deref=NEVER, sizeLimit=0, timeLimit=0, filter='&(objectClass=uidObject)(uid=*)(uid=Fumihide)', attrs={entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail}, controls={SimplePagedResultsControl(pageSize=100, isCritical=false)}) 2014-09-22 21:01:32,640 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchResult: SearchResult(resultCode=0 (success), messageID=3, entriesReturned=0, referencesReturned=0, responseControls={SimplePagedResultsControl(pageSize=0, isCritical=false)}) 2014-09-22 21:01:32,641 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchReferences: [] 2014-09-22 21:01:32,641 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) SearchReferences: [] 2014-09-22 21:01:32,641 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Return: null 2014-09-22 21:01:32,642 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence simple-resolve-user resolve user 2014-09-22 21:01:32,642 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,642 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,643 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,643 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,643 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,643 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,644 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,644 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,644 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,644 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,645 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,645 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,645 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,646 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,646 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,646 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,646 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,647 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,647 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Running sequence simple-resolve-user/020/call no user? 2014-09-22 21:01:32,647 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,648 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,648 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,648 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,648 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,649 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,649 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,649 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,649 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,650 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,650 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,650 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,651 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,651 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,651 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,652 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,652 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,652 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,652 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence entry name='simple-resolve-user-error' 2014-09-22 21:01:32,653 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Running sequence simple-resolve-user-error/010/var-set error 2014-09-22 21:01:32,653 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,653 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,653 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,654 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,654 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,654 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,654 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,655 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,655 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,655 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,656 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,656 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,656 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,656 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,657 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,657 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,657 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,658 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,658 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence simple-resolve-user-error error 2014-09-22 21:01:32,658 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,658 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,659 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,659 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,659 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,659 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,660 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,660 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,660 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,660 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,661 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,661 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,661 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,662 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,662 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,662 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,663 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,663 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,663 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,663 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Running sequence simple-resolve-user-error/020/var-set error 2014-09-22 21:01:32,664 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,664 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,664 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,664 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,665 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,665 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,665 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,665 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,666 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,666 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,666 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,667 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,667 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,667 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,668 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,668 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,668 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,668 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,669 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,669 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence simple-resolve-user-error error 2014-09-22 21:01:32,669 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,670 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,670 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authTranslatedMessage = CREDENTIALS_INVALID 2014-09-22 21:01:32,670 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,671 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,671 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,672 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,672 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,673 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,673 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,674 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,674 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,675 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,675 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,676 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,676 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,677 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,677 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,677 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,677 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,678 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) Running sequence simple-resolve-user-error/030/stop stop 2014-09-22 21:01:32,678 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,678 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,679 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authTranslatedMessage = CREDENTIALS_INVALID 2014-09-22 21:01:32,679 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,679 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,679 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,680 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,680 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,680 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,680 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,681 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,681 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,681 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,682 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,682 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,682 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,683 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,683 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = false 2014-09-22 21:01:32,683 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,683 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,684 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence simple-resolve-user-error stop 2014-09-22 21:01:32,684 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,684 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,684 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authTranslatedMessage = CREDENTIALS_INVALID 2014-09-22 21:01:32,685 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,685 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,685 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,685 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,686 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,686 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,686 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,686 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,687 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,687 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,687 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,688 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,688 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,688 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,689 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = true 2014-09-22 21:01:32,689 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,689 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,689 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence Return name='simple-resolve-user-error' 2014-09-22 21:01:32,690 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence simple-resolve-user no user? 2014-09-22 21:01:32,690 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,690 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,690 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authTranslatedMessage = CREDENTIALS_INVALID 2014-09-22 21:01:32,691 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,691 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,691 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,691 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,692 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,692 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,692 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,692 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,693 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,693 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,693 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,694 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,694 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,694 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,694 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = true 2014-09-22 21:01:32,695 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,695 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,695 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence Return name='simple-resolve-user' 2014-09-22 21:01:32,695 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) End sequence authn resolve user 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-BEGIN 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) _simple_baseDN = dc=rxc05271,dc=com 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authTranslatedMessage = CREDENTIALS_INVALID 2014-09-22 21:01:32,696 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) authn_enable = 1 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_credentialsChange = false 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) capability_resucrsiveGroupResolution = false 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) maxFilterSize = 50 2014-09-22 21:01:32,697 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) password = *** 2014-09-22 21:01:32,698 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) resultCode = INVALID_CREDENTIALS 2014-09-22 21:01:32,698 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) sensitiveKeys = , password, passwordNew 2014-09-22 21:01:32,698 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsBaseDN = namingContexts 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsGroupRecord = entryUUID, cn, description, memberOf 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsPrincipalRecord = entryUUID, uid, displayName, memberOf, department, givenName, sn, title, mail 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_attrsUserName = uid 2014-09-22 21:01:32,699 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_bindFormat = dn 2014-09-22 21:01:32,700 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterGroupObject = (objectClass=groupOfNames) 2014-09-22 21:01:32,700 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) simple_filterUserObject = (objectClass=uidObject)(uid=*) 2014-09-22 21:01:32,700 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) stop = true 2014-09-22 21:01:32,701 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) user = Fumihide 2014-09-22 21:01:32,701 TRACE [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) VARS-END 2014-09-22 21:01:32,701 DEBUG [org.ovirt.engineextensions.aaa.ldap.Framework] (ajp--127.0.0.1-8702-4) runSequence Return name='authn' 2014-09-22 21:01:32,702 DEBUG [org.ovirt.engineextensions.aaa.ldap.AuthnExtension] (ajp--127.0.0.1-8702-4) doAuthenticateCredentials Return {Extkey[name=AAA_AUTHN_RESULT;type=class java.lang.Integer;uuid=AAA_AUTHN_RESULT[af9771dc-a0bb-417d-a700-277616aedd85];]=12} 2014-09-22 21:01:32,702 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-4) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 21:01:32,713 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-4) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 21:01:32,724 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-4) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 21:01:32,724 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-4) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD (2014/09/22 20:41), Alon Bar-Lev wrote:
Not sure what adds crlf to your file... please use *NIX editor, please use dos2unix to remove these,
Per our previous discussion, you should modify: <file-handler name="ENGINE" autoflush="true"> <level name="INFO"/> Into: <file-handler name="ENGINE" autoflush="true"> <level name="FINEST"/>
You should see a difference. Thanks!
----- Original Message -----
From: "Fumihide Tani" <RXC05271@nifty.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: users@ovirt.org Sent: Monday, September 22, 2014 2:36:05 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP.
Hi, Alon,
I modified ovirt-engine.xml.in and restarted ovirt-engine. Attached is the modified ovirt-engine.xml.in. The engine.log outputs are fllowing: (Unfortunately it became the same result.)
----- 2014-09-22 19:48:11,245 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-2) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 19:48:11,257 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 19:48:11,265 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 19:48:11,266 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-2) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD -----
As a cause of fail to OpenLDAP user login, I suspect that the my openldap password encryption method setting not meet with the ovirt. Is there any method to verify?
Thanks,
(2014/09/22 19:15), Alon Bar-Lev wrote:
You need to add the following:
+ <logger category="org.ovirt.engineextensions.aaa.ldap"> + <level name="FINEST"/> + </logger> <logger category="org.ovirt.engine.core.bll">
Look at the + lines, please add these (without the +) just before: <logger category="org.ovirt.engine.core.bll">
Thanks!
----- Original Message -----
From: "Fumihide Tani" <RXC05271@nifty.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: users@ovirt.org Sent: Monday, September 22, 2014 1:10:57 PM Subject: Re: [ovirt-users] Can not configure with simple LDAP.
(2014/09/22 15:00), Alon Bar-Lev wrote:
----- Original Message -----
From: "Fumihide Tani" <RXC05271@nifty.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: users@ovirt.org Sent: Monday, September 22, 2014 4:16:17 AM Subject: Re: [ovirt-users] Can not configure with simple LDAP.
(2014/09/22 0:16), Alon Bar-Lev wrote: > ----- Original Message ----- >> From: "Fumihide Tani" <RXC05271@nifty.com> >> To: "Alon Bar-Lev" <alonbl@redhat.com> >> Cc: users@ovirt.org >> Sent: Sunday, September 21, 2014 6:00:48 PM >> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >> >> Hi, Alon, >> >> Following Alon's advice, I added authz-company.properties file to the >> configuration directory. >> Then OpenLDAP users can searched from oVirt Web admin. and I could add >> it's >> users >> to the portal successfully. >> >> But I have another problem. >> These OpenLDAP users that I added can not login to ovirt web user >> portal. >> >> User Name: Fumihide (This is shown on Web Admin Portal "Users" tab as >> "First >> Name") >> Password: (I specified it as OpenLDAP's userPassword for "Fumihide") >> Domain: rxc05271.com (I selected instead of "internal") >> >> ? > 1. What error do you get at ui? "The user name or password is incorrect."
> 2. Please look at engine.log while attempting to login, if you see > something helpful. 2014-09-22 09:53:27,669 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-2) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 09:53:27,685 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 09:53:27,693 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-2) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 09:53:27,693 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-2) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD
> 3. Please make sure that the following is a success: > $ ldapsearch -h <HOST> -x -W -D <LOGIN_USER_DN> -b <BASE_DN> > uid=<LOGIN_NAME> [root@ovirt ~]# ldapsearch -H ldapi:/// -x -W -D "uid=tani,ou=Users,dc=rxc05271,dc=com" -b 'dc=rxc05271,dc=com' -x '(uid=tani)' Enter LDAP Password: # extended LDIF # # LDAPv3 # base <dc=rxc05271,dc=com> with scope subtree # filter: (uid=tani) # requesting: ALL #
# tani, Users, rxc05271.com dn: uid=tani,ou=Users,dc=rxc05271,dc=com objectClass: inetOrgPerson objectClass: uidObject uid: tani cn: Fumihide Tani givenName: Fumihide mail: tani@rxc05271.com sn: Tani userPassword:: a3VtaXRhbg==
# search result search: 2 result: 0 Success
# numResponses: 2 # numEntries: 1 [root@ovirt ~]#
> 4. If working please modify > /usr/share/ovirt-enigne/services/ovirt-enigne/ovirt-enigne.xml.in > --- > <file-handler name="ENGINE" autoflush="true"> > - <level name="INFO"/> > - <level name="FINEST"/> > <snip> > + <logger category="org.ovirt.engineextensions.aaa.ldap"> > + <level name="FINEST"/> > + </logger> > <logger category="org.ovirt.engine.core.bll"> > --- > Restart engine, attempt login, send me the output. 2014-09-22 10:03:57,517 INFO [org.ovirt.engine.core.bll.aaa.LoginBaseCommand] (ajp--127.0.0.1-8702-7) Cant login user "Fumihide" with authentication profile "rxc05271.com" because the authentication failed. 2014-09-22 10:03:57,534 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide cannot login, please verify the username and password. 2014-09-22 10:03:57,545 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (ajp--127.0.0.1-8702-7) Correlation ID: null, Call Stack: null, Custom Event ID: -1, Message: User Fumihide failed to log in. 2014-09-22 10:03:57,545 WARN [org.ovirt.engine.core.bll.aaa.LoginUserCommand] (ajp--127.0.0.1-8702-7) CanDoAction of action LoginUser failed. Reasons:USER_FAILED_TO_AUTHENTICATE_WRONG_USERNAME_OR_PASSWORD
(logger level is not changed to FINEST? outputs is same as above.)
I had a mistake above... the file-handler level should be set to finest.
<file-handler name="ENGINE" autoflush="true"> <level name="FINEST"/>
can you confirm? or best send me the engine.xml.in file and I can see what's wrong.
thanks! I set file-handler's level name to "FINEST". but outputs are same as before. I attached the ovirt-engine.xml.in
Regards,
Thanks, Fumihide Tani
>> Please advice me, it's so thanksfull. >> >> Fumihide Tani >> >> >> (2014/09/21 17:13), Alon Bar-Lev wrote: >>> ----- Original Message ----- >>>> From: "Fumihide Tani" <RXC05271@nifty.com> >>>> To: "Alon Bar-Lev" <alonbl@redhat.com> >>>> Cc: users@ovirt.org >>>> Sent: Sunday, September 21, 2014 11:11:11 AM >>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>> >>>> Hi, Alon >>>> >>>> Very thanks for your help. >>>> My problem was solved and the AAA is working now. >>>> I could add LDAP user. :) >>> Great. >>> Can you please send me a patch or modified README to make it better? >>> >>> Alon >>> >>>> Fumihide Tani >>>> >>>> (2014/09/21 16:19), Alon Bar-Lev wrote: >>>>> ----- Original Message ----- >>>>>> From: "Alon Bar-Lev" <alonbl@redhat.com> >>>>>> To: "Fumihide Tani" <RXC05271@nifty.com> >>>>>> Cc: users@ovirt.org >>>>>> Sent: Sunday, September 21, 2014 10:19:11 AM >>>>>> Subject: Re: [ovirt-users] Can not configure with simple LDAP. >>>>>> >>>>>> Hi, >>>>>> >>>>>> You need to create authz extension as well (authz-company). >>>>>> The configuration you provided is establishing authentication only >>>>>> (authn) >>>>>> which refer to authz-company but you did not add it. >>>>>> >>>>>> The terms are: >>>>>> 1. authn - who the user is. >>>>>> 2. authz - what user is permitted. >>>>>> 3. profile - combination of the two. >>>>>> >>>>>> ----------------------------- >>>>>> # vi /etc/ovirt-engine/extensions.d/authz-company.properties >>>>>> ovirt.engine.extension.name = authz-company >>>>>> ovirt.engine.extension.bindings.method = jbossmodule >>>>>> ovirt.engine.extension.binding.jbossmodule.module = >>>>>> org.ovirt.engine-extensions.aaa.ldap >>>>>> ovirt.engine.extension.binding.jbossmodule.class = >>>>>> org.ovirt.engineextensions.aaa.ldap.AuthnExtension >>>>> Sorry: >>>>> org.ovirt.engineextensions.aaa.ldap.AuthzExtension >>>>>> ovirt.engine.extension.provides = >>>>>> org.ovirt.engine.api.extensions.aaa.Authz >>>>>> config.profile.file.1 = /etc/ovirt-engine/aaa/rxc05271.properties >>>>>> -------------------------------------------------- >>>>>> >>>>>> Regards, >>>>>> Alon