
Why do I get javax.naming.NameNotFoundException: [LDAP: Error code 32 - No Such Object]; remaining name '/' after upgrading spring-ldap on findUser?


After upgrading to spring-ldap 2.4.0 from 2.0.2.RELEASE, we are experiencing this error when trying to find an existing LDAP user. We haven't changed any code or configuration except for the .xsd schema files that need to be included. I haven't been able to find any documentation so far on what spring-ldap might have changed between the versions to cause this. I have also seen other similar questions asked on Stack Overflow, but so far I haven't found this exact issue.

: org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name '/'
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:183)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:380)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:313)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:646)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:582)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.find(LdapTemplate.java:1846)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.find(LdapTemplate.java:1867)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//org.springframework.ldap.core.LdapTemplate.findOne(LdapTemplate.java:1875)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//com.[PROTECTED].ldap.domain.LdapUserRepository.findByUid(LdapUserRepository.java:92)
    at deployment.[PROTECTED]-1.37.0.34-BUILD-SNAPSHOT.war//[PROTECTED].[PROTECTED].ldap.service.impl.LdapUserServiceImpl.findUser(LdapUserServiceImpl.java:67)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:566) 

Here is my pom file:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <packaging>war</packaging>
    <version>1.37.0.34-BUILD-SNAPSHOT</version>
    <repositories>
        <repository>
            <id>Java.Net</id>
            <url>http://download.java.net/maven/2/</url>
        </repository>
    </repositories>
    <properties>
        <java-version>11</java-version>
        <org.springframework-version>5.3.20</org.springframework-version>
        <spring-security.version>5.7.1</spring-security.version>
        <spring-ldap.version>2.4.0</spring-ldap.version>
        <tiles-version>3.0.8</tiles-version>
        <org.aspectj-version>1.6.9</org.aspectj-version>
        <email-service-version>1.0.3</email-service-version>
        <jdbc-service-version>1.0.2</jdbc-service-version>
    </properties>
    <dependencies>
        <!-- Spring -->
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-context</artifactId>
            <version>${org.springframework-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-context-support</artifactId>
            <version>${org.springframework-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-webmvc</artifactId>
            <version>${org.springframework-version}</version>
        </dependency>

        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-tx</artifactId>
            <version>${org.springframework-version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-orm</artifactId>
            <version>${org.springframework-version}</version>
        </dependency>

        <!-- Spring Security -->
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-core</artifactId>
            <version>${spring-security.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-web</artifactId>
            <version>${spring-security.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-config</artifactId>
            <version>${spring-security.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-taglibs</artifactId>
            <version>${spring-security.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-acl</artifactId>
            <version>${spring-security.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-ldap</artifactId>
            <version>${spring-security.version}</version>
        </dependency>
        
        
        <!--  Spring ldap -->
        <dependency>
          <groupId>org.springframework.ldap</groupId>   
          <artifactId>spring-ldap-odm</artifactId>
          <version>${spring-ldap.version}</version>
        </dependency>
        
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core</artifactId>
            <version>${spring-ldap.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap-core-tiger</artifactId>
            <version>${spring-ldap.version}</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.data</groupId>
            <artifactId>spring-data-commons</artifactId>
            <version>2.7.0</version>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>jcl-over-slf4j</artifactId>
                </exclusion>
            </exclusions>
        </dependency>

    
        <!-- Tiles -->
        <dependency>
            <groupId>org.apache.tiles</groupId>
            <artifactId>tiles-core</artifactId>
            <version>${tiles-version}</version>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>jcl-over-slf4j</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>org.apache.tiles</groupId>
            <artifactId>tiles-template</artifactId>
            <version>${tiles-version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.tiles</groupId>
            <artifactId>tiles-jsp</artifactId>
            <version>${tiles-version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.tiles</groupId>
            <artifactId>tiles-servlet</artifactId>
            <version>${tiles-version}</version>
        </dependency>
        <!-- AspectJ -->
        <dependency>
            <groupId>org.aspectj</groupId>
            <artifactId>aspectjrt</artifactId>
            <version>${org.aspectj-version}</version>
        </dependency>

        <!-- Logging -->
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-api</artifactId>
            <version>2.17.1</version>
        </dependency>
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-core</artifactId>
            <version>2.17.1</version>
        </dependency>
        <dependency>
            <groupId>org.apache.logging.log4j</groupId>
            <artifactId>log4j-slf4j-impl</artifactId>
            <version>2.17.1</version>
        </dependency>

        <!-- @Inject -->
        <dependency>
            <groupId>javax.inject</groupId>
            <artifactId>javax.inject</artifactId>
            <version>1</version>
        </dependency>

        <dependency>
            <groupId>cglib</groupId>
            <artifactId>cglib-nodep</artifactId>
            <version>2.2.2</version>
        </dependency>

        <!-- Servlet -->
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>servlet-api</artifactId>
            <version>2.5</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>javax.servlet.jsp</groupId>
            <artifactId>jsp-api</artifactId>
            <version>2.1</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>jstl</artifactId>
            <version>1.2</version>
        </dependency> 

        <!-- Hibernate -->
        <dependency>
            <groupId>org.hibernate</groupId>
            <artifactId>hibernate-core</artifactId>
            <version>5.6.9.Final</version>
        </dependency>
        <dependency>
            <groupId>org.hibernate</groupId>
            <artifactId>hibernate-entitymanager</artifactId>
            <version>5.6.9.Final</version>
        </dependency>
        <dependency>
            <groupId>org.hibernate</groupId>
            <artifactId>hibernate-search-orm</artifactId>
            <version>5.11.10.Final</version>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>slf4j-api</artifactId>
                </exclusion>
            </exclusions>
        </dependency>

        <!-- JSR 303 with Hibernate Validator -->
        <dependency>
            <groupId>org.hibernate.validator</groupId>
            <artifactId>hibernate-validator</artifactId>
            <version>6.2.3.Final</version>
        </dependency>
        <dependency>
            <groupId>asm</groupId>
            <artifactId>asm</artifactId>
            <version>3.3.1</version>
        </dependency>

        <dependency>
            <groupId>org.apache.openejb</groupId>
            <artifactId>commons-dbcp-all</artifactId>
            <version>1.3</version>
        </dependency>

        <!-- Test -->
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.12</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework</groupId>
            <artifactId>spring-test</artifactId>
            <version>${org.springframework-version}</version>
            <scope>test</scope>
        </dependency>

        <!-- Misc -->
        <dependency>
            <groupId>joda-time</groupId>
            <artifactId>joda-time</artifactId>
            <version>2.9.5</version>
        </dependency>
        <dependency>
            <groupId>com.opencsv</groupId>
            <artifactId>opencsv</artifactId>
            <version>4.1</version>
        </dependency>

        <!-- https://mvnrepository.com/artifact/javax.json/javax.json-api -->
        <dependency>
            <groupId>javax.json</groupId>
            <artifactId>javax.json-api</artifactId>
            <version>1.1.4</version>
        </dependency>
        <dependency>
            <groupId>org.json</groupId>
            <artifactId>json</artifactId>
            <version>20210307</version>
        </dependency>
    

        <!-- Java Mail API <dependency> <groupId>javax.activation</groupId> <artifactId>activation</artifactId> 
            <version>1.0.2</version> </dependency> -->
        <dependency>
            <groupId>javax.mail</groupId>
            <artifactId>mail</artifactId>
            <version>1.4.3</version>
        </dependency>

        <dependency>
            <groupId>oro</groupId>
            <artifactId>oro</artifactId>
            <version>2.0.8</version>
        </dependency>
        <dependency>
            <groupId>commons-validator</groupId>
            <artifactId>commons-validator</artifactId>
            <version>1.3.1</version>
        </dependency>
        <dependency>
            <groupId>commons-collections</groupId>
            <artifactId>commons-collections</artifactId>
            <version>3.2.1</version>
        </dependency>
        
        <!-- Apache Commons FileUpload -->
        <dependency>
            <groupId>commons-fileupload</groupId>
            <artifactId>commons-fileupload</artifactId>
            <version>1.3.1</version>
        </dependency>
         
        <!-- Apache Commons IO -->
        <dependency>
            <groupId>commons-io</groupId>
            <artifactId>commons-io</artifactId>
            <version>2.4</version>
        </dependency>
        
        <!-- https://mvnrepository.com/artifact/org.apache.poi/poi -->
        <dependency>
            <groupId>org.apache.poi</groupId>
            <artifactId>poi-ooxml</artifactId>
            <version>4.1.2</version>
        </dependency>
        
        <!--  AWS SDK -->
        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>aws-lambda-java-core</artifactId>
            <version>1.2.1</version>
        </dependency>
        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>aws-java-sdk-iam</artifactId>
            <version>1.11.942</version>
        </dependency>
        <dependency>
            <groupId>com.amazonaws</groupId>
            <artifactId>aws-java-sdk-s3</artifactId>
            <version>1.11.942</version>
        </dependency>
        
        <!-- DUO -->
        <dependency>
            <groupId>com.duosecurity</groupId>
            <artifactId>duo-universal-sdk</artifactId>
            <version>1.0.3</version>
        </dependency>
        <dependency>
            <groupId>com.google.guava</groupId>
            <artifactId>guava</artifactId>
            <version>r05</version>
        </dependency>
        <dependency>
            <groupId>commons-lang</groupId>
            <artifactId>commons-lang</artifactId>
            <version>2.4</version>
        </dependency>
        <dependency>
            <groupId>javax.annotation</groupId>
            <artifactId>javax.annotation-api</artifactId>
            <version>1.3.2</version>
        </dependency>
        
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <artifactId>maven-eclipse-plugin</artifactId>
                <version>2.9</version>
                <configuration>
                    <additionalProjectnatures>
                        <projectnature>org.springframework.ide.eclipse.core.springnature</projectnature>
                    </additionalProjectnatures>
                    <additionalBuildcommands>
                        <buildcommand>org.springframework.ide.eclipse.core.springbuilder</buildcommand>
                    </additionalBuildcommands>
                    <downloadSources>true</downloadSources>
                    <downloadJavadocs>true</downloadJavadocs>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.8.1</version>
                <configuration>
                    <source>11</source>
                    <target>11</target>
                    <compilerArgument>-Xlint:all</compilerArgument>
                    <showWarnings>true</showWarnings>
                    <showDeprecation>true</showDeprecation>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-surefire-plugin</artifactId>
                <version>2.18.1</version>
                <configuration>
                    <excludes>
                     <exclude>**/*Test.java</exclude>
                    </excludes>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.codehaus.plexus</groupId>
                <artifactId>eplexus-container-default</artifactId>
                <version>1.5.5</version>
            </plugin>
            <plugin>
                <groupId>org.codehaus.mojo</groupId>
                <artifactId>exec-maven-plugin</artifactId>
                <version>1.2.1</version>
                <configuration>
                    <mainClass>org.test.int1.Main</mainClass>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>

My spring-ldap.xml

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
    xmlns:ldap="http://www.springframework.org/schema/ldap"
    xmlns:context="http://www.springframework.org/schema/context"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:p="http://www.springframework.org/schema/p" 
    xmlns:util="http://www.springframework.org/schema/util"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/ldap http://www.springframework.org/schema/ldap/spring-ldap.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">
 
 
    <context:annotation-config />

    <ldap:context-source id="contextSource"
                         password="${ldap.managerPassword}"
                         url="${ldap.url}"
                         username="${ldap.managerDn}"
                          />


    <ldap:ldap-template id="ldapTemplate" context-source-ref="contextSource"/>

    <bean class="com.ldap.domain.LdapUserRepository" />


    <!-- Required to make sure BaseLdapName is populated in UserService -->
    <bean class="org.springframework.ldap.core.support.BaseLdapPathBeanPostProcessor" />

</beans>

From properties

<property name="apii.ldap.cn.index" value="2"/>
<property name="apii.ldap.base" value="ou=app,ou=people"/>
<property name="apii.ldap.env.base" value="ou=dv,dc=apii,dc=systems"/>
<property name="apii.ldap.duo.group" value="cn=duodev,ou=qcidev,ou=apps,ou=groups"/>

Our code which is calling ldap. It fails on 'ldapTemplate.findOne(query().where("uid").is(uid), LdapUser.class)'

package com.[PROTECTED].ldap.domain;

import static org.springframework.ldap.query.LdapQueryBuilder.query;

import java.util.List;

import javax.naming.Name;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.ModificationItem;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ldap.NameNotFoundException;
import org.springframework.ldap.NoSuchAttributeException;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.LdapTemplate;
import org.springframework.ldap.core.support.AbstractContextMapper;

import com.[PROTECTED].exception.ConfigPropertiesException;

public class LdapUserRepository {
    @Autowired
    private LdapTemplate ldapTemplate;
    private final static String ATTR_LOCKTIME = "pwdAccountLockedTime";

    public LdapUser create(LdapUser ldapUser) {
        ldapTemplate.create(ldapUser);

        return ldapUser;
    }

    public LdapUser createDuo(LdapUser ldapUser) throws ConfigPropertiesException {

        addDuoGroup(ldapUser);

        create(ldapUser);

        return ldapUser;
    }
    
    public void removeDuo(LdapUser ldapUser) throws ConfigPropertiesException {
        removeDuoGroup(ldapUser);
    }
    
    public void addDuo(LdapUser ldapUser) throws ConfigPropertiesException {
        addDuoGroup(ldapUser);
    }
    
    private void addDuoGroup(LdapUser ldapUser) throws ConfigPropertiesException {
        // Add to DUO Group
        String groupDn = System.getProperty("ldap.duo.group");
        Name  distinguishedName =  null;

        try {
            distinguishedName =  ldapUser.getFullPathDn();
            addMemberToGroup(distinguishedName, groupDn);
        } catch (NameNotFoundException nnfe) {
            // try it again
            try {
                addMemberToGroup(distinguishedName, groupDn);
            } catch (NameNotFoundException nnfe2) {
                // try it again
                addMemberToGroup(distinguishedName, groupDn);
            } 
        } catch (ConfigPropertiesException e) {
            throw e;
        }
    }
    
    private void removeDuoGroup(LdapUser ldapUser) throws ConfigPropertiesException {
        // Remove DUO Group
        String groupDn = System.getProperty("ldap.duo.group");
        Name  distinguishedName =  null;

        try {
            distinguishedName =  ldapUser.getFullPathDn();
            removeMemberFromGroup(distinguishedName, groupDn);
        } catch (NameNotFoundException nnfe) {
            // try it again
            try {
                removeMemberFromGroup(distinguishedName, groupDn);
            } catch (NameNotFoundException nnfe2) {
                // try it again
                removeMemberFromGroup(distinguishedName, groupDn);
            } 
        } catch (ConfigPropertiesException e) {
            throw e;
        }
    }

    public LdapUser findByUid(String uid) {
       /***ERROR OCCURS ON NEXT LINE ***/

        return ldapTemplate.findOne(query().where("uid").is(uid), LdapUser.class);
    }
    
    public LdapUserUpdate findByUidLdapUserUpdate(String uid) {
        return ldapTemplate.findOne(query().where("uid").is(uid), LdapUserUpdate.class);
    }

    public void updateLdapUserUpdate(LdapUserUpdate ldapUser) {
        ldapTemplate.update(ldapUser);
    }
    
    public void update(LdapUser ldapUser) {
        ldapTemplate.update(ldapUser);
    }

    public void delete(LdapUser ldapUser) {
        ldapTemplate.delete(ldapUser);
    }

    public List<LdapUser> findAll() {
        return ldapTemplate.findAll(LdapUser.class);
    }

    public void unlock(LdapUser ldapUser) {
        try {
            Name dn = ldapUser.getDn();

            ModificationItem[] modificationItems;
            modificationItems = new ModificationItem[1];
            modificationItems[0] = new ModificationItem(DirContextAdapter.REMOVE_ATTRIBUTE,
                    new BasicAttribute(ATTR_LOCKTIME));
            ldapTemplate.modifyAttributes(dn, modificationItems);
        } catch (NoSuchAttributeException nsae) {
            // do nothing.
        }

    }

    public String retrieveOperationalAttribute(Name dn, String attibuteName) {
        
        String attributeValue = (String) ldapTemplate.lookup(dn, new String[] { attibuteName }, new ApiiContextMapper());

        return attributeValue;
    }

    private static class ApiiContextMapper extends AbstractContextMapper {

        protected Object doMapFromContext(DirContextOperations ctx) {
            Object obj = ctx.getStringAttribute("authTimestamp");
            return obj;
        }
    }

    private boolean addMemberToGroup(Name memberDn, String groupDn) {
        // Add to DUO Group
        DirContextOperations ctx = ldapTemplate.lookupContext(groupDn);
        ctx.addAttributeValue("member", memberDn);
        ldapTemplate.modifyAttributes(ctx);
        return true;
    }
    
    private boolean removeMemberFromGroup(Name memberDn, String groupDn) {
        // Remove DUO Group
        DirContextOperations ctx = ldapTemplate.lookupContext(groupDn);
        ctx.removeAttributeValue("member", memberDn);
        ldapTemplate.modifyAttributes(ctx);
        return true;
    }
}

Our LdapUser.java

package com.[PROTECTED].ldap.domain;


import java.util.List;

import javax.naming.InvalidNameException;
import javax.naming.Name;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;
import org.springframework.ldap.support.LdapUtils;

import com.[PROTECTED].exception.ConfigPropertiesException;

@Entry(objectClasses = { "inetOrgPerson", "organizationalPerson", "person", "top" })
public class LdapUser {
    private static final Logger log = LoggerFactory.getLogger(LdapUser.class);
    
    @Id
    private Name dn;
    
    //private @Value("${userBase}") String userBase;
    
    
    //private @Value("${cnIndex}") Integer cnIndex;

    @Attribute(name="cn")
    private String cn;
    
    
    @Attribute(name = "uid")
    private String uid;
    
    @Attribute(name="sn")
    private String sn;

    @Attribute(name = "userPassword")
    private String password;
    
    @Attribute(name = "mail")
    private String mail;
    
    @Attribute(name = "displayName")
    private String displayName;
    
    @Attribute(name = "givenName")
    private String givenName;
    
    @Attribute(name = "memberOf")
    private List<String> memberOf;
    

    public LdapUser(){
    }

    public Name getDn() {
        return dn;
    }

    public void setDn(Name dn) {
        this.dn = dn;
    }

    public void setDn(String commonName) throws ConfigPropertiesException {
        String userBase = System.getProperty("ldap.base");
        String cnIndex = System.getProperty("ldap.cn.index");
        
        if (userBase == null || cnIndex == null){
            throw new ConfigPropertiesException("invalid ldap.base or ldap.cn.index");
        }
        
        Name distinguishedName = LdapUtils.newLdapName(userBase);
        
        if (distinguishedName == null){
            throw new ConfigPropertiesException("distinguishedName cannot be null");
        }
            
        try {
            int pos = Integer.parseInt(cnIndex);
            distinguishedName.add(pos, "cn="+commonName);
        } catch (InvalidNameException e) {
            log.error("Invalid cnIndex in config.properties", e);
            throw new ConfigPropertiesException(e);
        } catch (Throwable t){
            log.error("Invalid cnIndex in config.properties");
            throw new ConfigPropertiesException(t);
        }
        this.dn = distinguishedName;
    }
    
    public Name getFullPathDn() throws ConfigPropertiesException {
        String userBase = System.getProperty("ldap.base");
        String envBaseDn = System.getProperty("ldap.env.base");
        
        if (userBase == null || envBaseDn == null ){
            throw new ConfigPropertiesException("invalid ldap.base or ldap.env.base");
        }
        
        Name distinguishedName = LdapUtils.newLdapName(userBase + "," + envBaseDn);
        
        if (distinguishedName == null){
            throw new ConfigPropertiesException("distinguishedName cannot be null");
        }
            
        try {
            int pos = 5;
            distinguishedName.add(pos, "cn="+this.cn);
        } catch (InvalidNameException e) {
            log.error("Invalid cnIndex in config.properties", e);
            throw new ConfigPropertiesException(e);
        } catch (Throwable t){
            log.error("Invalid cnIndex in config.properties");
            throw new ConfigPropertiesException(t);
        }
        
        return distinguishedName;
    }

    public String getCn() {
        return cn;
    }

    public void setCn(String cn) {
        this.cn = cn;
    }

    public String getUid() {
        return uid;
    }


    public void setUid(String uid) {
        this.uid = uid;
    }


    public String getPassword() {
        return password;
    }


    public void setPassword(String password) {
        this.password = password;
    }
    

    public String getSn() {
        return sn;
    }

    public void setSn(String sn) {
        this.sn = sn;
    }

    public String getMail() {
        return mail;
    }

    public void setMail(String mail) {
        this.mail = mail;
    }

    public String getDisplayName() {
        return displayName;
    }

    public void setDisplayName(String displayName) {
        this.displayName = displayName;
    }

    public String getGivenName() {
        return givenName;
    }

    public void setGivenName(String givenName) {
        this.givenName = givenName;
    }

    public List<String> getMemberOf() {
        return memberOf;
    }

    public void setMemberOf(List<String> memberOf) {
        this.memberOf = memberOf;
    }

    @Override
    public boolean equals(Object o) {
        if (this == o) return true;
        if (o == null || getClass() != o.getClass()) return false;


       LdapUser ldapUser = (LdapUser) o;


        if (dn != null ? !dn.equals(ldapUser.dn) : ldapUser.dn != null) return false;


        return true;
    }


    @Override
    public int hashCode() {
        return dn != null ? dn.hashCode() : 0;
    }
    
}

Any ideas or help anyone has is GREATLY appreciated. Please let me know if I should provide more code or information.

THANK YOU

UPDATE: I tried dialing back the ldap version to 2.1.0.RELEASE and still have the issue. The issue occurs when running this line: ldapTemplate.findOne(query().where("uid").is(uid), LdapUser.class)

If I put ldap at our current prod version of 2.0.2, I do not get an error.


Solution

  • The problem was that we had an environment variable being used for the LDAP URL that had the environment base in it like this:

    ldap://ldap.ls.app.systems:389/ou=dv,dc=apii,dc=systems
    

    Versions of spring-ldap-core 2.0.2 and prior were fine with this, but starting in 2.0.3, this URL is parsed by the commas into a list of URLs, as the spring-ldap notes state: “If fail-over functionality is desired, more than one URL can be specified, separated using comma (,).” So, it was setting a URL of ldap://ldap.ls.app.systems:389/ou=dv, which is going to result in an "LDAP: error code 32 - No Such Object" error.

    To fix this, I changed our spring-ldap XML config to this (it didn't have a base at all before):

    <ldap:context-source id="contextSource"
          password="${ldap.managerPassword}"
          url="${ldap.url.spring-ldap}"
          base="${ldap.env.base}"
          username="${ldap.managerDn}"
     />
    

    and set the environment variables to this:

    ldap.url.spring-ldap=ldap://ldap.ls.app.systems:389
    ldap.env.base=ou=dv,dc=apii,dc=systems
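
The failure mode described in the answer can be checked at configuration time. The following is an added example, not code from the post or from spring-ldap: it mimics the comma splitting the answer describes, flags URL values that carry a base DN, and separates a combined value into the two settings used in the fix. The class and method names are hypothetical, and it assumes the DN in the URL is not percent-encoded.

```java
import java.net.URI;
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

// Added example: names are hypothetical and are not spring-ldap API.
public class LdapUrlConfigCheck {

    // Mimics the comma-separated fail-over list described in the answer.
    // Assumption: a plain split on ',' with blank entries ignored.
    static List<String> splitLikeFailoverList(String urlProperty) {
        List<String> urls = new ArrayList<>();
        for (String part : urlProperty.split(",")) {
            if (!part.isBlank()) {
                urls.add(part.trim());
            }
        }
        return urls;
    }

    // Returns one message per entry that would not work as a server URL.
    static List<String> findProblems(String urlProperty) {
        List<String> problems = new ArrayList<>();
        for (String candidate : splitLikeFailoverList(urlProperty)) {
            URI uri;
            try {
                uri = URI.create(candidate);
            } catch (IllegalArgumentException e) {
                problems.add("not parseable as a URL: " + candidate);
                continue;
            }
            String scheme = uri.getScheme();
            boolean ldapScheme = "ldap".equalsIgnoreCase(scheme)
                    || "ldaps".equalsIgnoreCase(scheme);
            if (!ldapScheme) {
                // Typical for DN fragments such as "dc=apii" left over after the split.
                problems.add("not an ldap:// or ldaps:// URL: " + candidate);
                continue;
            }
            String path = uri.getPath();
            if (path != null && path.length() > 1) {
                // A DN after the host means searches run against a truncated base.
                problems.add("base DN embedded in URL: " + candidate);
            }
        }
        return problems;
    }

    // Splits "ldap://host:port/<dn>" into { server URL, base DN }.
    // Throws InvalidNameException if the part after the host is not a DN.
    static String[] separate(String combinedUrl) throws InvalidNameException {
        int schemeEnd = combinedUrl.indexOf("://");
        if (schemeEnd < 0) {
            throw new IllegalArgumentException("no scheme in " + combinedUrl);
        }
        int slash = combinedUrl.indexOf('/', schemeEnd + 3);
        if (slash < 0) {
            return new String[] { combinedUrl, "" };
        }
        String baseDn = combinedUrl.substring(slash + 1);
        new LdapName(baseDn); // validates DN syntax only
        return new String[] { combinedUrl.substring(0, slash), baseDn };
    }

    public static void main(String[] args) throws InvalidNameException {
        // Combined value taken from the answer above.
        String combined = "ldap://ldap.ls.app.systems:389/ou=dv,dc=apii,dc=systems";

        System.out.println("Entries after comma split:");
        for (String entry : splitLikeFailoverList(combined)) {
            System.out.println("  " + entry);
        }
        for (String problem : findProblems(combined)) {
            System.out.println("PROBLEM: " + problem);
        }

        String[] parts = separate(combined);
        System.out.println("ldap.url.spring-ldap=" + parts[0]);
        System.out.println("ldap.env.base=" + parts[1]);
        System.out.println("Problems in separated URL: " + findProblems(parts[0]).size());
    }
}
```

Running `findProblems` on every LDAP URL property at startup turns this kind of misconfiguration into an explicit message instead of an error code 32 on the first search.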