
We are migrating a Java-based application hosted on RHEL 5 to RHEL 7. It has a feature to search users based on username (cn) from the LDAP directory installed on the Linux server. This feature works fine on RHEL 5 with OpenLDAP version 2.3.43 on the server. Our application internally uses the spring-ldap-core-1.3.1.RELEASE jar to fetch the data from OpenLDAP. The Java version on the old server is 1.7.

Currently we have RHEL 7, JBoss EAP 7, OpenLDAP 2.4.44, Java 8 and spring-ldap-core-1.3.1.

When we run the LDAP command directly on the server to search for the user based on "cn", it gives us the desired result, but via the application it is unable to fetch the result using the Spring LDAP jar.

Below is the command used to get the result on the server:

```
ldapsearch -x -h localhost -b "cn=xxx,o=xxxUser,dc=eu,dc=xxx,dc=com"
```

With the above command we are getting the desired result, but we don't know why we are unable to get it using the above jar.

We tried to upgrade spring-ldap-core-1.3.1 to the 2.3.2.RELEASE version, but we are still facing the same issue.

We are using the code below to call it:

```
public List<User> searchUsersByUserName(final String userName) {
    AndFilter filter = new AndFilter();
    filter.and(new EqualsFilter("objectClass", "user"));
    filter.and(new WhitespaceWildcardsFilter("cn", userName));
    return this.processSearchResults(this.ldapTemplate.search("o=xxxUser", filter.encode(), new UserContextMapper()));
}
```

I am unable to get data from the LDAP server for cn and unable to pass it to UserContextMapper.

This is our UserContextMapper class:

```
import java.util.Arrays;

import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.simple.ParameterizedContextMapper;

/**
 * Context mapper for ldap users.
 */
public class UserContextMapper implements ParameterizedContextMapper<User> {
    @Override
    public User mapFromContext(final Object ctx) {
        DirContextAdapter context = (DirContextAdapter) ctx;
        // Single-valued attributes read from the matched entry
        String cn = context.getStringAttribute("cn");
        String surName = context.getStringAttribute("sn");
        String fullName = context.getStringAttribute("displayName");
        String givenName = context.getStringAttribute("givenName");
        String userMail = context.getStringAttribute("usermail");
        User u = new User(cn, surName, fullName, givenName, userMail);
        // memberOf is multi-valued and may be absent
        String[] groupsArray = context.getStringAttributes("memberOf");
        if (groupsArray != null) {
            for (String group : Arrays.asList(groupsArray)) {
                u.getGroups().add(LdapHelper.getOrganizationalUnit(group));
            }
        }
        return u;
    }

}
```

The code to search for the entry will actually lead to the following ldapsearch: `ldapsearch -x -h localhost -b "o=xxxUser,dc=eu,dc=xxx,dc=com" (&(objectclass=user)(cn=*VALUE*))`. This could return more than one entry and is unsuitable. The filter should be `(&(cn=VALUE)(objectclass=user))`. Typically, LDAP-based directory servers do not have a request optimizer (as an RDBMS has), so the order of the filters in a compound filter matters. - Bernhard Thalmayr
What is the expected output? Try to set a full path as the base search argument: `ldapTemplate.search("o=xxxUser,dc=eu,dc=xxx,dc=com", filter.encode(), new UserContextMapper())`. And filter username with `new EqualsFilter("cn", userName);` - EricLavault
@EricLavault When I tried your method I got ``` org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'o=xxxxUser,dc=eu,dc=xxx,dc=com' ``` - kunwar raghvendra
@BernhardThalmayr After trying your method I did not get the desired result. However, I got this result: ``` Filter results :(&(cn=xxxxx)(objectClass=*user*)) ``` - kunwar raghvendra
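
The two filter shapes compared in the comments above, built by hand as an added example (not code from the post or from Spring LDAP). The class and method names are hypothetical, the substring builder only approximates what `WhitespaceWildcardsFilter` encodes, and the user names are constructed.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration only: hypothetical helpers, not Spring LDAP's classes.
public class LdapFilterShapes {

    // RFC 4515: the characters \ * ( ) and NUL must be written as \XX in a value.
    static String escape(String value) {
        StringBuilder out = new StringBuilder();
        for (char c : value.toCharArray()) {
            if (c == '\\' || c == '*' || c == '(' || c == ')' || c == '\0') {
                out.append(String.format("\\%02x", (int) c));
            } else {
                out.append(c);
            }
        }
        return out.toString();
    }

    // Exact match, the shape suggested in the comments: (cn=VALUE)
    static String equalTo(String attr, String value) {
        return "(" + attr + "=" + escape(value) + ")";
    }

    // Substring match, the shape the posted code asks for: (cn=*VALUE*).
    // Whitespace runs become '*', approximating WhitespaceWildcardsFilter.
    static String contains(String attr, String value) {
        List<String> parts = new ArrayList<>();
        for (String word : value.trim().split("\\s+")) {
            if (!word.isEmpty()) parts.add(escape(word));
        }
        if (parts.isEmpty()) return "(" + attr + "=*)";
        return "(" + attr + "=*" + String.join("*", parts) + "*)";
    }

    static String and(String... filters) {
        return "(&" + String.join("", filters) + ")";
    }

    public static void main(String[] args) {
        // Constructed sample user names, including one with filter metacharacters.
        String[] samples = {"jdoe", "john doe", "j*)(uid=*"};
        for (String name : samples) {
            System.out.println("input    : " + name);
            System.out.println("substring: " + and(equalTo("objectClass", "user"), contains("cn", name)));
            System.out.println("exact    : " + and(equalTo("cn", name), equalTo("objectClass", "user")));
        }
    }
}
```

The substring form matches any cn that contains the input, which is why it can return several entries, while the exact form matches a single value. In both forms the metacharacters in the third sample are emitted as `\2a`, `\29` and `\28`, so the directory compares them literally.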