留言板
RE: Deleting Users in LDAP\Liferay
Hi,
I am new to the world of both LDAP Servers and Liferay (I am using Liferay 5.2.2).
I have a question. If I delete a user in my LDAP server, will it deactivate or delete that user in Liferay without
doing a manual delete in Liferay? From my experimentation, the answer seems to be no. Is there a way to
keep synchronized with what's in the LDAP server with what's in Liferay?
Furthermore, if I deactivate then delete a user in Liferay (that still has a valid entry in my LDAP server), when I try to login
using the deleted user's credentials, I get the following error displayed on the browser:
An unexpected system error occurred.
java.lang.NullPointerException
Looking at the logs I get the following:
[4/23/09 12:39:18:361 PDT] 00000040 SystemOut O 12:39:18,360 ERROR [UserImpl:108] com.liferay.portal.NoSuchContactException: No Contact exists with the primary key 11302
com.liferay.portal.NoSuchContactException: No Contact exists with the primary key 11302
at com.liferay.portal.service.persistence.ContactPersistenceImpl.findByPrimaryKey(ContactPersistenceImpl.java:231)
at sun.reflect.GeneratedMethodAccessor264.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy9.findByPrimaryKey(Unknown Source)
[4/23/09 12:39:18:367 PDT] 00000040 SystemOut O 12:39:18,365 ERROR [MainServlet:686] com.liferay.portal.ModelListenerException: javax.naming.directory.SchemaViolationException: [LDAP: error code 67 - Not Allowed On RDN]; remaining name 'cn=hwongjj4,ou=users,ou=SWG,o=IBM,c=US'
com.liferay.portal.ModelListenerException: javax.naming.directory.SchemaViolationException: [LDAP: error code 67 - Not Allowed On RDN]; remaining name 'cn=hwongjj4,ou=users,ou=SWG,o=IBM,c=US'
at com.liferay.portal.model.UserListener.onAfterUpdate(UserListener.java:56)
at com.liferay.portal.service.persistence.UserPersistenceImpl.update(UserPersistenceImpl.java:252)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
...
[4/23/09 12:39:18:386 PDT] 00000040 SystemOut O 12:39:18,385 ERROR [jsp:654] com.liferay.portal.kernel.events.ActionException: java.lang.NullPointerException
com.liferay.portal.kernel.events.ActionException: java.lang.NullPointerException
at com.liferay.portal.events.ServicePreAction.run(ServicePreAction.java:149)
at com.liferay.portal.events.EventsProcessor._processEvent(EventsProcessor.java:141)
at com.liferay.portal.events.EventsProcessor._process(EventsProcessor.java:118)
at com.liferay.portal.events.EventsProcessor.process(EventsProcessor.java:75)
at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:693)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
...
Is this a known problem?
Regards,
Henry
I am new to the world of both LDAP Servers and Liferay (I am using Liferay 5.2.2).
I have a question. If I delete a user in my LDAP server, will it deactivate or delete that user in Liferay without
doing a manual delete in Liferay? From my experimentation, the answer seems to be no. Is there a way to
keep synchronized with what's in the LDAP server with what's in Liferay?
Furthermore, if I deactivate then delete a user in Liferay (that still has a valid entry in my LDAP server), when I try to login
using the deleted user's credentials, I get the following error displayed on the browser:
An unexpected system error occurred.
java.lang.NullPointerException
Looking at the logs I get the following:
[4/23/09 12:39:18:361 PDT] 00000040 SystemOut O 12:39:18,360 ERROR [UserImpl:108] com.liferay.portal.NoSuchContactException: No Contact exists with the primary key 11302
com.liferay.portal.NoSuchContactException: No Contact exists with the primary key 11302
at com.liferay.portal.service.persistence.ContactPersistenceImpl.findByPrimaryKey(ContactPersistenceImpl.java:231)
at sun.reflect.GeneratedMethodAccessor264.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy9.findByPrimaryKey(Unknown Source)
[4/23/09 12:39:18:367 PDT] 00000040 SystemOut O 12:39:18,365 ERROR [MainServlet:686] com.liferay.portal.ModelListenerException: javax.naming.directory.SchemaViolationException: [LDAP: error code 67 - Not Allowed On RDN]; remaining name 'cn=hwongjj4,ou=users,ou=SWG,o=IBM,c=US'
com.liferay.portal.ModelListenerException: javax.naming.directory.SchemaViolationException: [LDAP: error code 67 - Not Allowed On RDN]; remaining name 'cn=hwongjj4,ou=users,ou=SWG,o=IBM,c=US'
at com.liferay.portal.model.UserListener.onAfterUpdate(UserListener.java:56)
at com.liferay.portal.service.persistence.UserPersistenceImpl.update(UserPersistenceImpl.java:252)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:79)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
...
[4/23/09 12:39:18:386 PDT] 00000040 SystemOut O 12:39:18,385 ERROR [jsp:654] com.liferay.portal.kernel.events.ActionException: java.lang.NullPointerException
com.liferay.portal.kernel.events.ActionException: java.lang.NullPointerException
at com.liferay.portal.events.ServicePreAction.run(ServicePreAction.java:149)
at com.liferay.portal.events.EventsProcessor._processEvent(EventsProcessor.java:141)
at com.liferay.portal.events.EventsProcessor._process(EventsProcessor.java:118)
at com.liferay.portal.events.EventsProcessor.process(EventsProcessor.java:75)
at com.liferay.portal.servlet.MainServlet.service(MainServlet.java:693)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
...
Is this a known problem?
Regards,
Henry
Hi Henry,
You may need to check the permissions of the user in Liferay portal and LDAP Server. The user should have permissions in both Liferay portal and LDAP server.
Hope that it helps.
Thanks
Jonas Yuan
You may need to check the permissions of the user in Liferay portal and LDAP Server. The user should have permissions in both Liferay portal and LDAP server.
Hope that it helps.
Thanks
Jonas Yuan
If you delete a user in LDAP, it is not deleted in Liferay.
If you set LDAP required, then users will have to exist in LDAP to login.
If you set LDAP required, then users will have to exist in LDAP to login.
A related question:
How does one go about deleting users from liferay?
How does one go about deleting users from liferay?
From the "users" section in the control panel.
You need to first deactivate the users using the "actions" button against the user.
Then, you need to search for the user, then again "actions" and then delete it (anybody got a better way?)
-Arnab
You need to first deactivate the users using the "actions" button against the user.
Then, you need to search for the user, then again "actions" and then delete it (anybody got a better way?)
-Arnab
Hi team,
I configured everything for ldap in liferay. I'm successfully creating the users in ldap through the Liferay UI or from SighIn portlet. And all the users are getting imported into liferay from ldap. The problem here is whenever I deleted an users the user is not able to enter into liferay, upto this is fine. But the same user is not deleting from the ldap tree. So is there any way to delete the users in ldap tree from Liferay UI(Through Controlpanel->users)?? Or is there any limitation on this?
Any suggession is more appriciated.
I configured everything for ldap in liferay. I'm successfully creating the users in ldap through the Liferay UI or from SighIn portlet. And all the users are getting imported into liferay from ldap. The problem here is whenever I deleted an users the user is not able to enter into liferay, upto this is fine. But the same user is not deleting from the ldap tree. So is there any way to delete the users in ldap tree from Liferay UI(Through Controlpanel->users)?? Or is there any limitation on this?
Any suggession is more appriciated.
No one did this?
I think some one did this. Please respond to me.
G P,
We have the same issues on our portal. Did you ever find a solution?
Kevin L. Stewart
We have the same issues on our portal. Did you ever find a solution?
Kevin L. Stewart
I want to know the same thing....How to delete a LDAP user from Liferay?
Thanks
Thanks
Ditto. We are testing Liferay integration with an open source LDAP provider and while user imports and authentication works fine, deleting a user from the Liferay UI does not delete the object in LDAP. This obviously leaves "orphaned" users in LDAP which are still active. This creates a security issue if the LDAP source is used for more than just Liferay. (For example: chat services, video conferencing, etc....)
Feature request - when deleting users from Liferay UI, the user should be deleted from back-end LDAP source. If you cannot delete, then a certain flag which indicates the account is "INACTIVE" should be set. Thanks!
Feature request - when deleting users from Liferay UI, the user should be deleted from back-end LDAP source. If you cannot delete, then a certain flag which indicates the account is "INACTIVE" should be set. Thanks!
Basically the LDAP integration is really more an import as a sync. You can basically extend the ootb importer so it will work as a sync. The biggest issue by the existing LDAP integration is the fact, that each user, which is deleted from LDAP will stay in Liferay and thus can still log in. The same applies if the user is deleted in Liferay and the export is activated. Once the LDAP integration is done in a pluggable way as other hooks are, there should be some LDAP hook providing this feature.
Regards,
Jan.
Regards,
Jan.
We have the same issue. Is there a hook available for that case? We are new to liferay and this is a highly required feature for us.
Thanks,
Stephan
Thanks,
Stephan
Hitoshi Ozawa,修改在12 年前。
RE: Deleting Users in LDAP\Liferay
Liferay Legend 帖子: 7942 加入日期: 10-3-24 最近的帖子
I think organization weren't deleted either.
One possibility is to create a portlet which uses Liferay's cron to check these.
I have to check this with my company, but would people be interested if I put this on sale in Liferay's Marketplace?
One possibility is to create a portlet which uses Liferay's cron to check these.
I have to check this with my company, but would people be interested if I put this on sale in Liferay's Marketplace?