LDAP integration add-on

The new LDAP add-on is now available on Marketplace!
The add-on is designed to quickly and easily integrate with your directory server.
The key features of the component include:

  • Authentication in CUBA applications using LDAP credentials;
  • Configuration of rules for assigning roles and access groups to users, including customized and scripting ones;
  • Auto-population of user details from your LDAP server to a CUBA application;
  • Convenient logs for LDAP synchronization details;
  • EventListeners to interact with the LDAP add-on events.

Please find full documentation and available versions on github page https://github.com/cuba-platform/ldap-addon

1 Like

Hi,
I have added LDAP addon on my Project and it is working fine but I am getting this error while trying to open the LDAP matching rules link.
Can you help to resolve the same.

image

Error Log:
com.haulmont.cuba.core.global.RemoteException:
---
java.lang.IllegalArgumentException: An exception occurred while creating a query in EntityManager: 
Exception Description: Problem compiling [select e from AbstractCommonMatchingRule e]. 
[14, 40] The abstract schema type 'AbstractCommonMatchingRule' is unknown.
---
org.eclipse.persistence.exceptions.JPQLException: 
Exception Description: Problem compiling [select e from AbstractCommonMatchingRule e]. 
[14, 40] The abstract schema type 'AbstractCommonMatchingRule' is unknown.
	at com.haulmont.cuba.core.sys.ServiceInterceptor.aroundInvoke(ServiceInterceptor.java:129)
	at sun.reflect.GeneratedMethodAccessor184.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627)
	at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616)
	at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168)
	at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213)
	at com.sun.proxy.$Proxy242.loadList(Unknown Source)
	at sun.reflect.GeneratedMethodAccessor247.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.haulmont.cuba.core.sys.remoting.LocalServiceInvokerImpl.invoke(LocalServiceInvokerImpl.java:94)
	at com.haulmont.cuba.web.sys.remoting.LocalServiceProxy$LocalServiceInvocationHandler.invoke(LocalServiceProxy.java:154)
	at com.sun.proxy.$Proxy32.loadList(Unknown Source)
	at com.haulmont.cuba.client.sys.DataManagerClientImpl.loadList(DataManagerClientImpl.java:57)
	at com.haulmont.cuba.gui.data.impl.GenericDataSupplier.loadList(GenericDataSupplier.java:117)
	at com.haulmont.cuba.gui.data.impl.CollectionDatasourceImpl.loadData(CollectionDatasourceImpl.java:613)
	at com.haulmont.cuba.gui.data.impl.CollectionDatasourceImpl.refresh(CollectionDatasourceImpl.java:161)
	at com.haulmont.cuba.gui.data.impl.CollectionDatasourceImpl.refresh(CollectionDatasourceImpl.java:119)
	at com.haulmont.cuba.gui.data.impl.CollectionDatasourceImpl.setSuspended(CollectionDatasourceImpl.java:722)
	at com.haulmont.cuba.gui.data.impl.DsContextImpl.resumeSuspended(DsContextImpl.java:85)
	at com.haulmont.cuba.gui.WindowManager.afterShowWindow(WindowManager.java:1164)
	at com.haulmont.cuba.web.WebWindowManager.showWindow(WebWindowManager.java:422)
	at com.haulmont.cuba.gui.WindowManager.openWindow(WindowManager.java:756)
	at com.haulmont.cuba.web.WebWindowManager.openWindow(WebWindowManager.java:158)
	at com.haulmont.cuba.gui.config.MenuCommand$ScreenCommand.run(MenuCommand.java:181)
	at com.haulmont.cuba.gui.config.MenuCommand.execute(MenuCommand.java:76)
	at com.haulmont.cuba.web.sys.SideMenuBuilder.lambda$createMenuCommandExecutor$0(SideMenuBuilder.java:182)
	at com.haulmont.cuba.web.gui.components.mainwindow.WebSideMenu$MenuItemImpl.lambda$setCommand$0(WebSideMenu.java:481)
	at com.haulmont.cuba.web.toolkit.ui.CubaSideMenu$1.menuItemTriggered(CubaSideMenu.java:92)
	at sun.reflect.GeneratedMethodAccessor310.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:158)
	at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:119)
	at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:444)
	at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:409)
	at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:274)
	at com.vaadin.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:90)
	at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:41)
	at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1435)
	at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:361)
	at com.haulmont.cuba.web.sys.CubaApplicationServlet.serviceAppRequest(CubaApplicationServlet.java:312)
	at com.haulmont.cuba.web.sys.CubaApplicationServlet.service(CubaApplicationServlet.java:203)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:107)
	at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:73)
	at com.haulmont.cuba.web.sys.CubaHttpFilter.doFilter(CubaHttpFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

Regards,
Velankanni J

Hi, Velankanniraj.
Please, clarify, which version of CUBA platform do you use?
I can’t reproduce this error on latest one (6.10.7). I set up ldap addon from scratch and I could open and create matching rules. May be you have scenario how reproduce this error?

Hi,
Thank you for your prompt response and sorry for my delay reply.

I am using this this addon in Oracle v12.2.2.I have migrated the project(Oracle as main database project) to lastest version but still facing the same error.

Also I tried to create a new project with main database as HSQLDB on latest version 6.10.7 and I didn’t faced any issue. It is perfectly working fine.

One good thing is, I am able to cancel the error message screen and continue to create/modify the rules. Validation also happening properly, but whenever I open the Matching Rule screen the mentioned error is appearing on the screen.

Is it possible that the LDAP addon related tables might not be created properly in Oracle DB?

Hi, Velankanniraj.
Addon was tested on Oracle 11g XE without any problems.
I could test it with Oracle 12c XE. I’ll write about results.
Do you use XE version of Orscle?

Hi Anton,

No I don’t have Oracle XE.
I have tried on Oracle Enterprise edition.
Thanks.

Hi, Velankanniraj.
I tested LDAP addon on Oracle XE 12.2.0. Seems all works fine.
1.Pull LDAP addon (https://github.com/cuba-platform/ldap-addon.git)
2.Execute Run->Create database via cuba studio.
3. Assemble and run application.
4.Login with admin, open Matching rule screen, add several rules, save them. No errors.
orcl

So, I’m puzzled what happens in your case.
You said that you migrated to new Oracle’s version (12.2.2). Do you have this error with previous one?
Or could you test addon on Oracle XE 12.2.0 (as I did)? It is free for downloading.

Hi Anton,
Thanks for your response.

Actually for Import data add-in, I faced issue with length of table name having more than 30 charactes and to resolve the same I asked my DB team to upgrade the Oracle version from 12.2.0 to 12.2.2.
Post upgrade only I found LDAP add-in in Cuba marketplace. So I have not tried in the older version of Oracle. But I tried using it in HSQL DB and it worked fine.

Is this fine, if I drop all LDAP add-in related tables from Oracle and try to create the same using update database option from new project?

Hi, Velankanniraj.
Don’t think that “update database” will create tables.
You could click “Create database” in studio this will recreate the ldap addon schema.

Hi Anton,
But If I do create database, then my existing tables with data also will be cleared right?

Correct me if I am wrong.

Hi Velankanniraj,

You are right, Create database will clear all your tables.
Please try to use Generate DB scripts action from Studio, then check created scripts and then invoke update database.

Best regards,
Zaharchenko Evgeny

Hi Zaharchenko,

Sure. I will try and give you the update.

Thanks.

Hi,
I think I found the reason.
Actually, initially I have created the project on CUBA platform version 6.9.* and then I added the LDAP version of 1.2.0 and it shows the warning message as this artifact is not compatible with the Cuba version so I migrated the project to the latest version 6.10.7 and then I started facing this issue.
Now, I have created a new project on CUBA 6.10.7 and added the LDAP add on and used main database as Oracle 12.2.2 (without updating DB, because tables already created) and am not facing the matching rule screen issue.
Not sure why this happened with old project.

One more thing, I observed that override existing group and roles having some issue. I have unchecked both while creating the rules but still it is overriding the existing group and roles instead of skipping.
Am I missing anything here?

Regards,
Velankanni J