[Building Sakai] authorization to send to mailarchive fails with duplicate email addresses in ldap

Matthew Jones jonespm at umich.edu
Wed Mar 31 21:03:47 PDT 2010


As a followup, I'd filed this as
http://jira.sakaiproject.org/browse/SAK-17922 when you reported it.
Steve Swinsburg attached a patch today with the comment:

"Attached a patch for JLDAP provider that implements UsersShareUDP and
finds multiple users with the same email address.
However, I don't have access to an LDAP server that allows multiple
entries with the same email address.
If someone could test this that would be great. This is almost exactly
the same logic as SAK-18288 so it should be fine. Let me know and I
will commit. "

On Mon, Jan 25, 2010 at 1:17 PM, Robert Taylor <rgtaylor at cs.uvic.ca> wrote:
>
> Thanks Matthew,
>
> Do you (or anyone else) know if there is any fix available for the jldap provider then - it seems like the issue was identified in Sakai 2.1?
>
> Its not terribly unusual at our institution for a single individual to have multiple accounts with the same email address.   I would have thought that others had run into this problem too.
>
> Thanks,
>
> Robert.
>
>
> --
> Robert Taylor
> Senior System Adminsitrator
> Department of Computer Science
> University of Victoria, Canada
> rgtaylor at cs.uvic.ca
>
> On Fri, 22 Jan 2010 14:45:14 -0800, Matthew Jones <jonespm at umich.edu> wrote:
>
>> It appears as if the jldap provider doesn't implement the UsersShareEmailUDP
>> interface. (At least not in any version of the source I can find, even
>> though it was mentioned in that old SAK you described).
>>
>> In the version of jldap provider, it is just implementing the call for
>> findUserByEmail (for a single user) and calling searchDirectory with a
>> parameter of 1 for maxResults. (Which is appropriate, but probably causing
>> the error when it finds more than 1)
>>
>>  853                 List results = searchDirectory(filter, conn,
>>  854                                 mapper,
>>  855                                 searchResultPhysicalAttributeNames,
>>  856                                 searchBaseDn,
>>  857                                 1);
>>
>> Email archive should have no problem handling this case if the provider was
>> fixed to search for multiple entries.
>>
>> -Matthew
>>
>> On Fri, Jan 22, 2010 at 4:54 PM, Robert Taylor <rgtaylor at cs.uvic.ca> wrote:
>>
>>>
>>> Hello,
>>>
>>> We are running into an issue with the mail archive tool in Sakai 2.6.x
>>> where permission to send an email fails because there are multiple
>>> accounts with the same email address in our LDAP.   I found a resolved bug
>>> (#SAK-2025), but it seems to only apply to Sakai 2.1.
>>>
>>> The stack trace (included below) shows that the JLDAP provider is being
>>> called with a searchDirectoryForSingleEntry which would seem to be the
>>> problem.  Should we be using in a different release of the archive tool?
>>> I have tested this behavior on 72309 and 69904 of mailarchive.
>>>
>>> Thanks,
>>>
>>> Robert.
>>>
>>>
>>>
>>> 2010-01-22 13:01:09,148 ERROR default Worker #3
>>> edu.amc.sakai.user.JLDAPDirectoryProvider - findUserByEmail(): failed
>>> [email = user at csc.uvic.ca]
>>> LDAPException: Sizelimit Exceeded (4) Sizelimit Exceeded
>>> LDAPException: Matched DN:
>>>        at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
>>>        at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source)
>>>        at com.novell.ldap.LDAPSearchResults.next(Unknown Source)
>>>        at
>>>
>>> edu.amc.sakai.user.JLDAPDirectoryProvider.searchDirectory(JLDAPDirectoryProvider.java:941)
>>>        at
>>>
>>> edu.amc.sakai.user.JLDAPDirectoryProvider.searchDirectoryForSingleEntry(JLDAPDirectoryProvider.java:846)
>>>        at
>>>
>>> edu.amc.sakai.user.JLDAPDirectoryProvider.findUserByEmail(JLDAPDirectoryProvider.java:502)
>>>        at
>>>
>>> org.sakaiproject.provider.user.FilterUserDirectoryProvider.findUsersByEmail(FilterUserDirectoryProvider.java:453)
>>>        at
>>>
>>> org.sakaiproject.user.impl.BaseUserDirectoryService.findUsersByEmail(BaseUserDirectoryService.java:1214)
>>>        at
>>>
>>> org.sakaiproject.user.cover.UserDirectoryService.findUsersByEmail(UserDirectoryService.java:137)
>>>        at
>>> org.sakaiproject.james.SakaiMailet.fromValidUser(SakaiMailet.java:430)
>>>        at org.sakaiproject.james.SakaiMailet.service(SakaiMailet.java:295)
>>>        at
>>>
>>> org.apache.james.transport.LinearProcessor.service(LinearProcessor.java:413)
>>>        at
>>>
>>> org.apache.james.transport.JamesSpoolManager.process(JamesSpoolManager.java:436)
>>>        at
>>>
>>> org.apache.james.transport.JamesSpoolManager.run(JamesSpoolManager.java:366)
>>>        at
>>>
>>> org.apache.avalon.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:47)
>>>        at
>>>
>>> org.apache.avalon.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:80)
>>> 2010-01-22 13:01:09,150 ERROR default Worker #3
>>> edu.amc.sakai.user.JLDAPDirectoryProvider - findUserByEmail(): failed
>>> [email = user at csc.uvic.ca]
>>> LDAPException: Sizelimit Exceeded (4) Sizelimit Exceeded
>>> LDAPException: Matched DN:
>>>        at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
>>>        at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source)
>>>        at com.novell.ldap.LDAPSearchResults.next(Unknown Source)
>>>        at
>>>
>>> edu.amc.sakai.user.JLDAPDirectoryProvider.searchDirectory(JLDAPDirectoryProvider.java:941)
>>>        at
>>>
>>> edu.amc.sakai.user.JLDAPDirectoryProvider.searchDirectoryForSingleEntry(JLDAPDirectoryProvider.java:846)
>>>        at
>>>
>>> edu.amc.sakai.user.JLDAPDirectoryProvider.findUserByEmail(JLDAPDirectoryProvider.java:502)
>>>        at
>>>
>>> org.sakaiproject.provider.user.FilterUserDirectoryProvider.findUsersByEmail(FilterUserDirectoryProvider.java:453)
>>>        at
>>>
>>> org.sakaiproject.provider.user.FilterUserDirectoryProvider.findUsersByEmail(FilterUserDirectoryProvider.java:462)
>>>        at
>>>
>>> org.sakaiproject.user.impl.BaseUserDirectoryService.findUsersByEmail(BaseUserDirectoryService.java:1214)
>>>        at
>>>
>>> org.sakaiproject.user.cover.UserDirectoryService.findUsersByEmail(UserDirectoryService.java:137)
>>>        at
>>> org.sakaiproject.james.SakaiMailet.fromValidUser(SakaiMailet.java:430)
>>>        at org.sakaiproject.james.SakaiMailet.service(SakaiMailet.java:295)
>>>        at
>>>
>>> org.apache.james.transport.LinearProcessor.service(LinearProcessor.java:413)
>>>        at
>>>
>>> org.apache.james.transport.JamesSpoolManager.process(JamesSpoolManager.java:436)
>>>        at
>>>
>>> org.apache.james.transport.JamesSpoolManager.run(JamesSpoolManager.java:366)
>>>        at
>>>
>>> org.apache.avalon.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:47)
>>>        at
>>>
>>> org.apache.avalon.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:80)
>>> 2010-01-22 13:01:09,153  INFO default Worker #3
>>> org.sakaiproject.james.SakaiMailet -
>>> <4b5a1209.4VCM7QgwvNUaYOnc%user at csc.uvic.ca<4b5a1209.4VCM7QgwvNUaYOnc%25user at csc.uvic.ca>>
>>> : mail rejected: from:
>>> user at csc.uvic.ca not authorized for site:
>>>
>>> --
>>> Robert Taylor
>>> Senior System Administrator
>>> Department of Computer Science
>>> University of Victoria, Canada
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>> _______________________________________________
>>> sakai-dev mailing list
>>> sakai-dev at collab.sakaiproject.org
>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>
>>> TO UNSUBSCRIBE: send email to
>>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>>> "unsubscribe"
>>>
>
>
> --
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>


More information about the sakai-dev mailing list