有人可以告诉我如何在 Apache LDAP API 中正确使用 LdapNetworkConnection 的 move 方法,或者这是他们 API 中的错误?
Can someone tell me how to use move method of LdapNetworkConnection correctly in Apache LDAP API or it's a bug in their API?
我正在使用 Apache LDAP API 来帮助我们的客户连接到他们的 LDAP 服务器,并通过我们的 program.But 做他们想做的事我用方法 [=16] 做不到=] 在 LdapNetworkConnection。
这是我的 user.ldif:
version: 1
dn: dc=myorg,dc=com
objectClass: domain
objectClass: top
dc: myorg
dn: ou=Users,dc=myorg,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Users
dn: ou=Groups,dc=myorg,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Groups
dn: cn=LdapTester1,ou=Users,dc=myorg,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Test1 Ldap
sn: Ldap
uid: ldaptest1
userPassword: 12345
dn: cn=elecharny,ou=system
objectClass: top
objectClass: person
objectClass: extensibleObject
sn:: RW1tYW51ZWwgTMOpY2hhcm55
cn: elecharny
givenName: Ele
userPassword:: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKbHnLFs5N2PHk0gkyI/g3XeIdjxnWOAW5RVap4zWZuNY4gNGH1MhfHPVHcy6WEMoo+zaxU0Xh+Iv6BzrIa70IUCAwEAAQ== })
我想移动条目 cn=elecharny,ou=system,希望它是 cn=elecharny,ou=Users,dc=myorg,dc=com。
当运行代码时,移动操作之前的所有断言都可以。这意味着条目 ou=Users,dc=myorg,dc=com 存在。但是我得到了以下异常:
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: OPERATIONS_ERROR: failed for MessageType : MODIFYDN_REQUEST
Message ID : 4
ModifyDN Response
Entry : 'cn=elecharny,ou=system'
Delete old Rdn : false
New superior : 'ou=Users,dc=myorg,dc=com'
org.apache.directory.api.ldap.model.message.ModifyDnRequestImpl@bb289011: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!:
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!
太混乱了。几天来我一直试图解决这个问题。不幸的是,我还没有找到解决方案。
有人可以帮助我吗?
// Define the DirectoryService
@CreateDS(name = "myDS",
partitions = {
@CreatePartition(name = "test", suffix = "dc=myorg,dc=com")
})
// Define the LDAP protocol layer
@CreateLdapServer(
transports = {
@CreateTransport(protocol = "LDAP"),
@CreateTransport(protocol = "LDAPS")
},
allowAnonymousAccess = true,
extendedOpHandlers = {StartTlsHandler.class}
)
// Inject a file containing entries
@ApplyLdifFiles({"users.ldif"})
public class LdapConnectTest{
@Test
public void testMove() throws Exception {
LdapConnectionConfig connectionConfig = new LdapConnectionConfig();
connectionConfig.setLdapHost(Network.LOOPBACK_HOSTNAME);
connectionConfig.setLdapPort(ldapServer.getPort());
connectionConfig.setName("cn=LdapTester1,ou=Users,dc=myorg,dc=com");
connectionConfig.setCredentials("12345");
try(LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(connectionConfig)) {
ldapNetworkConnection.connect();
ldapNetworkConnection.bind();
assertTrue(ldapNetworkConnection.isConnected());
assertTrue(ldapNetworkConnection.isAuthenticated());
assertTrue(ldapNetworkConnection.exists("cn=elecharny,ou=system"));
assertTrue(ldapNetworkConnection.exists("ou=Users,dc=myorg,dc=com"));
ldapNetworkConnection.move("cn=elecharny,ou=system", "ou=Users,dc=myorg,dc=com");
assertTrue(ldapNetworkConnection.exists("cn=elecharny,ou=Users,dc=myorg,dc=com"));
ldapNetworkConnection.unBind();
assertFalse(ldapNetworkConnection.isConnected());
assertFalse(ldapNetworkConnection.isAuthenticated());
}
}
}
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: OPERATIONS_ERROR: failed for MessageType : MODIFYDN_REQUEST
Message ID : 4
ModifyDN Response
Entry : 'cn=elecharny,ou=system'
Delete old Rdn : false
New superior : 'ou=Users,dc=myorg,dc=com'
org.apache.directory.api.ldap.model.message.ModifyDnRequestImpl@bb289011: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!:
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!
at org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.move(AbstractBTreePartition.java:1922)
at org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.move(DefaultPartitionNexus.java:509)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.move(BaseInterceptor.java:179)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.journal.JournalInterceptor.move(JournalInterceptor.java:276)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.changelog.ChangeLogInterceptor.move(ChangeLogInterceptor.java:283)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.trigger.TriggerInterceptor.move(TriggerInterceptor.java:448)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.event.EventInterceptor.move(EventInterceptor.java:347)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.subtree.SubentryInterceptor.move(SubentryInterceptor.java:1404)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.move(OperationalAttributeInterceptor.java:486)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.exception.ExceptionInterceptor.move(ExceptionInterceptor.java:279)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.admin.AdministrativePointInterceptor.move(AdministrativePointInterceptor.java:1479)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.move(DefaultAuthorizationInterceptor.java:309)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.move(AciAuthorizationInterceptor.java:998)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.referral.ReferralInterceptor.move(ReferralInterceptor.java:374)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.authn.AuthenticationInterceptor.move(AuthenticationInterceptor.java:1339)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.normalization.NormalizationInterceptor.move(NormalizationInterceptor.java:303)
at org.apache.directory.server.core.DefaultOperationManager.move(DefaultOperationManager.java:1269)
at org.apache.directory.server.core.shared.DefaultCoreSession.move(DefaultCoreSession.java:1072)
at org.apache.directory.server.core.shared.DefaultCoreSession.move(DefaultCoreSession.java:1054)
at org.apache.directory.server.ldap.handlers.request.ModifyDnRequestHandler.handle(ModifyDnRequestHandler.java:101)
at org.apache.directory.server.ldap.handlers.request.ModifyDnRequestHandler.handle(ModifyDnRequestHandler.java:40)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:207)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:243)
at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:223)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:1019)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:650)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access00(DefaultIoFilterChain.java:49)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl.messageReceived(DefaultIoFilterChain.java:1141)
at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:87)
at org.apache.mina.core.session.IoEvent.run(IoEvent.java:88)
at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:541)
at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:493)
at java.base/java.lang.Thread.run(Thread.java:835)
Caused by: org.apache.directory.api.ldap.model.exception.LdapEntryAlreadyExistsException: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!
at org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.move(AbstractBTreePartition.java:1941)
at org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.move(AbstractBTreePartition.java:1917)
... 46 more
如果错误记录中某处存在错误:ERR_256_NO_SUCH_OBJECT 错误可能指的是不存在的条目 dn: cn=elecharny,ou=system - 它不可能,它的 DN 无效 - 而不是比 ou=Users,dc=myorg,dc=com。
如果您还没有创建 system 组织单位(不存在于您的 ldif 中),则需要创建该组织单位,并且 添加 您认为应该是的条目移动:
dn: ou=system,dc=myorg,dc=com
objectClass: organizationalUnit
objectClass: top
ou: system
dn: cn=elecharny,ou=system,dc=myorg,dc=com
objectClass: top
objectClass: person
objectClass: extensibleObject
sn:: RW1tYW51ZWwgTMOpY2hhcm55
cn: elecharny
givenName: Ele
userPassword:: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKbHnLFs5N2PHk0gkyI/g3XeIdjxnWOAW5RVap4zWZuNY4gNGH1MhfHPVHcy6WEMoo+zaxU0Xh+Iv6BzrIa70IUCAwEAAQ== })
使用缺少的条目创建一个新的 ldif 文件并使用 ldapadd -f new_ldif。
我正在使用 Apache LDAP API 来帮助我们的客户连接到他们的 LDAP 服务器,并通过我们的 program.But 做他们想做的事我用方法 [=16] 做不到=] 在 LdapNetworkConnection。
这是我的 user.ldif:
version: 1
dn: dc=myorg,dc=com
objectClass: domain
objectClass: top
dc: myorg
dn: ou=Users,dc=myorg,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Users
dn: ou=Groups,dc=myorg,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Groups
dn: cn=LdapTester1,ou=Users,dc=myorg,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Test1 Ldap
sn: Ldap
uid: ldaptest1
userPassword: 12345
dn: cn=elecharny,ou=system
objectClass: top
objectClass: person
objectClass: extensibleObject
sn:: RW1tYW51ZWwgTMOpY2hhcm55
cn: elecharny
givenName: Ele
userPassword:: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKbHnLFs5N2PHk0gkyI/g3XeIdjxnWOAW5RVap4zWZuNY4gNGH1MhfHPVHcy6WEMoo+zaxU0Xh+Iv6BzrIa70IUCAwEAAQ== })
我想移动条目 cn=elecharny,ou=system,希望它是 cn=elecharny,ou=Users,dc=myorg,dc=com。
当运行代码时,移动操作之前的所有断言都可以。这意味着条目 ou=Users,dc=myorg,dc=com 存在。但是我得到了以下异常:
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: OPERATIONS_ERROR: failed for MessageType : MODIFYDN_REQUEST
Message ID : 4
ModifyDN Response
Entry : 'cn=elecharny,ou=system'
Delete old Rdn : false
New superior : 'ou=Users,dc=myorg,dc=com'
org.apache.directory.api.ldap.model.message.ModifyDnRequestImpl@bb289011: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!:
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!
太混乱了。几天来我一直试图解决这个问题。不幸的是,我还没有找到解决方案。 有人可以帮助我吗?
// Define the DirectoryService
@CreateDS(name = "myDS",
partitions = {
@CreatePartition(name = "test", suffix = "dc=myorg,dc=com")
})
// Define the LDAP protocol layer
@CreateLdapServer(
transports = {
@CreateTransport(protocol = "LDAP"),
@CreateTransport(protocol = "LDAPS")
},
allowAnonymousAccess = true,
extendedOpHandlers = {StartTlsHandler.class}
)
// Inject a file containing entries
@ApplyLdifFiles({"users.ldif"})
public class LdapConnectTest{
@Test
public void testMove() throws Exception {
LdapConnectionConfig connectionConfig = new LdapConnectionConfig();
connectionConfig.setLdapHost(Network.LOOPBACK_HOSTNAME);
connectionConfig.setLdapPort(ldapServer.getPort());
connectionConfig.setName("cn=LdapTester1,ou=Users,dc=myorg,dc=com");
connectionConfig.setCredentials("12345");
try(LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(connectionConfig)) {
ldapNetworkConnection.connect();
ldapNetworkConnection.bind();
assertTrue(ldapNetworkConnection.isConnected());
assertTrue(ldapNetworkConnection.isAuthenticated());
assertTrue(ldapNetworkConnection.exists("cn=elecharny,ou=system"));
assertTrue(ldapNetworkConnection.exists("ou=Users,dc=myorg,dc=com"));
ldapNetworkConnection.move("cn=elecharny,ou=system", "ou=Users,dc=myorg,dc=com");
assertTrue(ldapNetworkConnection.exists("cn=elecharny,ou=Users,dc=myorg,dc=com"));
ldapNetworkConnection.unBind();
assertFalse(ldapNetworkConnection.isConnected());
assertFalse(ldapNetworkConnection.isAuthenticated());
}
}
}
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: OPERATIONS_ERROR: failed for MessageType : MODIFYDN_REQUEST
Message ID : 4
ModifyDN Response
Entry : 'cn=elecharny,ou=system'
Delete old Rdn : false
New superior : 'ou=Users,dc=myorg,dc=com'
org.apache.directory.api.ldap.model.message.ModifyDnRequestImpl@bb289011: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!:
org.apache.directory.api.ldap.model.exception.LdapOperationErrorException: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!
at org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.move(AbstractBTreePartition.java:1922)
at org.apache.directory.server.core.shared.partition.DefaultPartitionNexus.move(DefaultPartitionNexus.java:509)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.move(BaseInterceptor.java:179)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.journal.JournalInterceptor.move(JournalInterceptor.java:276)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.changelog.ChangeLogInterceptor.move(ChangeLogInterceptor.java:283)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.trigger.TriggerInterceptor.move(TriggerInterceptor.java:448)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.event.EventInterceptor.move(EventInterceptor.java:347)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.subtree.SubentryInterceptor.move(SubentryInterceptor.java:1404)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.move(OperationalAttributeInterceptor.java:486)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.exception.ExceptionInterceptor.move(ExceptionInterceptor.java:279)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.admin.AdministrativePointInterceptor.move(AdministrativePointInterceptor.java:1479)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.move(DefaultAuthorizationInterceptor.java:309)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.move(AciAuthorizationInterceptor.java:998)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.referral.ReferralInterceptor.move(ReferralInterceptor.java:374)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.authn.AuthenticationInterceptor.move(AuthenticationInterceptor.java:1339)
at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:531)
at org.apache.directory.server.core.normalization.NormalizationInterceptor.move(NormalizationInterceptor.java:303)
at org.apache.directory.server.core.DefaultOperationManager.move(DefaultOperationManager.java:1269)
at org.apache.directory.server.core.shared.DefaultCoreSession.move(DefaultCoreSession.java:1072)
at org.apache.directory.server.core.shared.DefaultCoreSession.move(DefaultCoreSession.java:1054)
at org.apache.directory.server.ldap.handlers.request.ModifyDnRequestHandler.handle(ModifyDnRequestHandler.java:101)
at org.apache.directory.server.ldap.handlers.request.ModifyDnRequestHandler.handle(ModifyDnRequestHandler.java:40)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:207)
at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56)
at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:243)
at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:223)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:1019)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:650)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access00(DefaultIoFilterChain.java:49)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl.messageReceived(DefaultIoFilterChain.java:1141)
at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:87)
at org.apache.mina.core.session.IoEvent.run(IoEvent.java:88)
at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:541)
at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:493)
at java.base/java.lang.Thread.run(Thread.java:835)
Caused by: org.apache.directory.api.ldap.model.exception.LdapEntryAlreadyExistsException: ERR_256_NO_SUCH_OBJECT Entry ou=Users,dc=myorg,dc=com does not exist!
at org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.move(AbstractBTreePartition.java:1941)
at org.apache.directory.server.core.partition.impl.btree.AbstractBTreePartition.move(AbstractBTreePartition.java:1917)
... 46 more
如果错误记录中某处存在错误:ERR_256_NO_SUCH_OBJECT 错误可能指的是不存在的条目 dn: cn=elecharny,ou=system - 它不可能,它的 DN 无效 - 而不是比 ou=Users,dc=myorg,dc=com。
如果您还没有创建 system 组织单位(不存在于您的 ldif 中),则需要创建该组织单位,并且 添加 您认为应该是的条目移动:
dn: ou=system,dc=myorg,dc=com
objectClass: organizationalUnit
objectClass: top
ou: system
dn: cn=elecharny,ou=system,dc=myorg,dc=com
objectClass: top
objectClass: person
objectClass: extensibleObject
sn:: RW1tYW51ZWwgTMOpY2hhcm55
cn: elecharny
givenName: Ele
userPassword:: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKbHnLFs5N2PHk0gkyI/g3XeIdjxnWOAW5RVap4zWZuNY4gNGH1MhfHPVHcy6WEMoo+zaxU0Xh+Iv6BzrIa70IUCAwEAAQ== })
使用缺少的条目创建一个新的 ldif 文件并使用 ldapadd -f new_ldif。