Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-183

Problems with LDAP group or user names that contain / or \.

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 1.4.1, 1.5
    • 0.4.5
    • SOAP
    • None

      The following LDAP exception occurs when reading in a group named !Website Feedback/Support from an Active Directory server:

      org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0
      ]; remaining name 'cn=!Website Feedback/Support, ou=Distribution Lists, ou=Groups, dc=corp, dc=example, dc=com'
      javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0
      ]; remaining name 'cn=!Website Feedback/Support, ou=Distribution Lists, ou=Groups, dc=corp, dc=example, dc=com'
              at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3025)
              at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
              at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
      

      This exception then propergates to the wire layer as an exception on the client:

      org.codehaus.xfire.XFireRuntimeException: Could not invoke service.. Nested exception is org.codehaus.xfire.fault.XFireFault: Could not parse message.
      org.codehaus.xfire.fault.XFireFault: Could not parse message.
      	at org.codehaus.xfire.fault.Soap11FaultSerializer.readMessage(Soap11FaultSerializer.java:78)
      	at org.codehaus.xfire.fault.SoapFaultSerializer.readMessage(SoapFaultSerializer.java:28)
      

            [CWD-183] Problems with LDAP group or user names that contain / or \.

            Complete fix for forward-slashes in group and user names. Partial fix for backslashes.

            There's a bug in the JDK that means that DNs with backslashes can be incorrectly escaped, making modifications to them impossible from Crowd. This means that attempting to add or remove a user from a group that contains a blacklash in the name may fail.

            We're going to resolve this issue and track the remainder of the fix on the linked CWD-1069.

            David O'Flynn [Atlassian] added a comment - Complete fix for forward-slashes in group and user names. Partial fix for backslashes. There's a bug in the JDK that means that DNs with backslashes can be incorrectly escaped, making modifications to them impossible from Crowd. This means that attempting to add or remove a user from a group that contains a blacklash in the name may fail. We're going to resolve this issue and track the remainder of the fix on the linked CWD-1069 .

            Comma also (escaped as well) are a problem.

            Justen Stepka [Atlassian] added a comment - Comma also (escaped as well) are a problem.

            Justin Koke added a comment - Issue raised in Spring LDAP http://opensource.atlassian.com/projects/spring/browse/LDAP-50

            Justin Koke added a comment - - edited

            I have narrowed this down to actually being caused by Spring LDAP.

            To replicate this issue, create a group with a name that contains a '/' or a '\'

            '\' is being encoded and end up throwing the following exception:

            16:42:27,972 ERROR org.codehaus.xfire.handler.DefaultFaultHandler: Fault occurred!
            org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.NamingException: problem generating object using object factory [Root exception is org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22.  Encountered: "\\" (92), after : ""]; remaining name 'dc=ad,dc=atlassian,dc=com'
            javax.naming.NamingException: problem generating object using object factory [Root exception is org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22.  Encountered: "\\" (92), after : ""]; remaining name 'dc=ad,dc=atlassian,dc=com'
            	at com.sun.jndi.ldap.LdapSearchEnumeration.createItem(LdapSearchEnumeration.java:111)
            	at com.sun.jndi.ldap.LdapNamingEnumeration.nextAux(LdapNamingEnumeration.java:256)
            	at com.sun.jndi.ldap.LdapNamingEnumeration.nextImpl(LdapNamingEnumeration.java:236)
            	at com.sun.jndi.ldap.LdapNamingEnumeration.next(LdapNamingEnumeration.java:184)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:271)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:231)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:561)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:475)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:423)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:444)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:464)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.buildDN(SpringLDAPConnector.java:151)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.getGroupDN(SpringLDAPConnector.java:173)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.isGroupMember(SpringLDAPConnector.java:316)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findGroupMemberships(SpringLDAPConnector.java:806)
            	at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.findGroupMemberships(DirectoryManagerGeneric.java:2027)
            	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            	at java.lang.reflect.Method.invoke(Method.java:585)
            	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:287)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148)
            	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
            	at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:88)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
            	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
            	at $Proxy3.findGroupMemberships(Unknown Source)
            	at com.atlassian.crowd.service.soap.SecurityServerGeneric.findGroupMemberships(SecurityServerGeneric.java:733)
            	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            	at java.lang.reflect.Method.invoke(Method.java:585)
            	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:287)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148)
            	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
            	at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:88)
            	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
            	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
            	at $Proxy5.findGroupMemberships(Unknown Source)
            	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
            	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
            	at java.lang.reflect.Method.invoke(Method.java:585)
            	at org.codehaus.xfire.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:54)
            	at org.codehaus.xfire.service.binding.ServiceInvocationHandler.sendMessage(ServiceInvocationHandler.java:271)
            	at org.codehaus.xfire.service.binding.ServiceInvocationHandler$1.run(ServiceInvocationHandler.java:84)
            	at org.codehaus.xfire.service.binding.ServiceInvocationHandler.execute(ServiceInvocationHandler.java:132)
            	at org.codehaus.xfire.service.binding.ServiceInvocationHandler.invoke(ServiceInvocationHandler.java:107)
            	at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
            	at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
            	at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)
            	at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:287)
            	at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:130)
            	at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
            	at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
            	at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
            	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
            	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            	at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:189)
            	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
            	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            	at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
            	at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
            	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
            	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            	at com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88)
            	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
            	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            	at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:174)
            	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:77)
            	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
            	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
            	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
            	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
            	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
            	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
            	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
            	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
            	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
            	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
            	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
            	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
            	at java.lang.Thread.run(Thread.java:595)
            Caused by: org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22.  Encountered: "\\" (92), after : ""
            	at org.springframework.ldap.support.DistinguishedName.parse(DistinguishedName.java:134)
            	at org.springframework.ldap.support.DistinguishedName.<init>(DistinguishedName.java:89)
            	at org.springframework.ldap.support.DirContextAdapter.<init>(DirContextAdapter.java:131)
            	at org.springframework.ldap.support.DefaultDirObjectFactory.getObjectInstance(DefaultDirObjectFactory.java:56)
            	at javax.naming.spi.DirectoryManager.createObjectFromFactories(DirectoryManager.java:218)
            	at javax.naming.spi.DirectoryManager.getObjectInstance(DirectoryManager.java:197)
            	at com.sun.jndi.ldap.LdapSearchEnumeration.createItem(LdapSearchEnumeration.java:105)
            	... 87 more
            Caused by: org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22.  Encountered: "\\" (92), after : ""
            	at org.springframework.ldap.support.DnParserImplTokenManager.getNextToken(DnParserImplTokenManager.java:693)
            	at org.springframework.ldap.support.DnParserImpl.jj_ntk(DnParserImpl.java:253)
            	at org.springframework.ldap.support.DnParserImpl.attributeTypeAndValue(DnParserImpl.java:102)
            	at org.springframework.ldap.support.DnParserImpl.rdn(DnParserImpl.java:62)
            	at org.springframework.ldap.support.DnParserImpl.dn(DnParserImpl.java:27)
            	at org.springframework.ldap.support.DistinguishedName.parse(DistinguishedName.java:130)
            	... 93 more
            

            and '/' is throwing the following exception:

            16:34:30,034  INFO crowd.integration.directory.connector.SpringLDAPConnector: Performing search: containerDN = cn=Website Feedback/Support, ou=Groups, dc=ad, dc=atlassian, dc=com - filter = (member=cn=Monkey Boy, cn=Users, dc=ad, dc=atlassian, dc=com)
            16:34:30,050 ERROR org.codehaus.xfire.handler.DefaultFaultHandler: Fault occurred!
            org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0]; remaining name 'cn=Website Feedback/Support, ou=Groups, dc=ad, dc=atlassian, dc=com'
            javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0
            remaining name 'cn=Website Feedback/Support, ou=Groups, dc=ad, dc=atlassian, dc=com'
            	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3025)
            	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
            	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
            	at com.sun.jndi.ldap.LdapCtx.c_lookup(LdapCtx.java:993)
            	at com.sun.jndi.toolkit.ctx.ComponentContext.c_resolveIntermediate_nns(ComponentContext.java:152)
            	at com.sun.jndi.toolkit.ctx.AtomicContext.c_resolveIntermediate_nns(AtomicContext.java:342)
            	at com.sun.jndi.toolkit.ctx.ComponentContext.p_resolveIntermediate(ComponentContext.java:381)
            	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:360)
            	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
            	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
            	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
            	at org.springframework.ldap.LdapTemplate$4.executeSearch(LdapTemplate.java:227)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:268)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:231)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:561)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:475)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:423)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:444)
            	at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:464)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.isMemeber(SpringLDAPConnector.java:307)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.isGroupMember(SpringLDAPConnector.java:319)
            	at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findGroupMemberships(SpringLDAPConnector.java:806)
            	at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.findGroupMemberships(DirectoryManagerGeneric.java:2027)
            

            Justin Koke added a comment - - edited I have narrowed this down to actually being caused by Spring LDAP. To replicate this issue, create a group with a name that contains a '/' or a '\' '\' is being encoded and end up throwing the following exception: 16:42:27,972 ERROR org.codehaus.xfire.handler.DefaultFaultHandler: Fault occurred! org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.NamingException: problem generating object using object factory [Root exception is org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22. Encountered: "\\" (92), after : ""]; remaining name 'dc=ad,dc=atlassian,dc=com' javax.naming.NamingException: problem generating object using object factory [Root exception is org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22. Encountered: "\\" (92), after : ""]; remaining name 'dc=ad,dc=atlassian,dc=com' at com.sun.jndi.ldap.LdapSearchEnumeration.createItem(LdapSearchEnumeration.java:111) at com.sun.jndi.ldap.LdapNamingEnumeration.nextAux(LdapNamingEnumeration.java:256) at com.sun.jndi.ldap.LdapNamingEnumeration.nextImpl(LdapNamingEnumeration.java:236) at com.sun.jndi.ldap.LdapNamingEnumeration.next(LdapNamingEnumeration.java:184) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:271) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:231) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:561) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:475) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:423) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:444) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:464) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.buildDN(SpringLDAPConnector.java:151) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.getGroupDN(SpringLDAPConnector.java:173) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.isGroupMember(SpringLDAPConnector.java:316) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findGroupMemberships(SpringLDAPConnector.java:806) at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.findGroupMemberships(DirectoryManagerGeneric.java:2027) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:287) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170) at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:88) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176) at $Proxy3.findGroupMemberships(Unknown Source) at com.atlassian.crowd.service.soap.SecurityServerGeneric.findGroupMemberships(SecurityServerGeneric.java:733) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:287) at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148) at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170) at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:88) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170) at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176) at $Proxy5.findGroupMemberships(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.codehaus.xfire.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:54) at org.codehaus.xfire.service.binding.ServiceInvocationHandler.sendMessage(ServiceInvocationHandler.java:271) at org.codehaus.xfire.service.binding.ServiceInvocationHandler$1.run(ServiceInvocationHandler.java:84) at org.codehaus.xfire.service.binding.ServiceInvocationHandler.execute(ServiceInvocationHandler.java:132) at org.codehaus.xfire.service.binding.ServiceInvocationHandler.invoke(ServiceInvocationHandler.java:107) at org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131) at org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64) at org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38) at org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:287) at org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:130) at org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116) at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:189) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118) at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:174) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:77) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595) Caused by: org.springframework.ldap.BadLdapGrammarException: Failed to parse DN; nested exception is org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22. Encountered: "\\" (92), after : "" at org.springframework.ldap.support.DistinguishedName.parse(DistinguishedName.java:134) at org.springframework.ldap.support.DistinguishedName.<init>(DistinguishedName.java:89) at org.springframework.ldap.support.DirContextAdapter.<init>(DirContextAdapter.java:131) at org.springframework.ldap.support.DefaultDirObjectFactory.getObjectInstance(DefaultDirObjectFactory.java:56) at javax.naming.spi.DirectoryManager.createObjectFromFactories(DirectoryManager.java:218) at javax.naming.spi.DirectoryManager.getObjectInstance(DirectoryManager.java:197) at com.sun.jndi.ldap.LdapSearchEnumeration.createItem(LdapSearchEnumeration.java:105) ... 87 more Caused by: org.springframework.ldap.support.TokenMgrError: Lexical error at line 1, column 22. Encountered: "\\" (92), after : "" at org.springframework.ldap.support.DnParserImplTokenManager.getNextToken(DnParserImplTokenManager.java:693) at org.springframework.ldap.support.DnParserImpl.jj_ntk(DnParserImpl.java:253) at org.springframework.ldap.support.DnParserImpl.attributeTypeAndValue(DnParserImpl.java:102) at org.springframework.ldap.support.DnParserImpl.rdn(DnParserImpl.java:62) at org.springframework.ldap.support.DnParserImpl.dn(DnParserImpl.java:27) at org.springframework.ldap.support.DistinguishedName.parse(DistinguishedName.java:130) ... 93 more and '/' is throwing the following exception: 16:34:30,034 INFO crowd.integration.directory.connector.SpringLDAPConnector: Performing search: containerDN = cn=Website Feedback/Support, ou=Groups, dc=ad, dc=atlassian, dc=com - filter = (member=cn=Monkey Boy, cn=Users, dc=ad, dc=atlassian, dc=com) 16:34:30,050 ERROR org.codehaus.xfire.handler.DefaultFaultHandler: Fault occurred! org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0]; remaining name 'cn=Website Feedback/Support, ou=Groups, dc=ad, dc=atlassian, dc=com' javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0 remaining name 'cn=Website Feedback/Support, ou=Groups, dc=ad, dc=atlassian, dc=com' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3025) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737) at com.sun.jndi.ldap.LdapCtx.c_lookup(LdapCtx.java:993) at com.sun.jndi.toolkit.ctx.ComponentContext.c_resolveIntermediate_nns(ComponentContext.java:152) at com.sun.jndi.toolkit.ctx.AtomicContext.c_resolveIntermediate_nns(AtomicContext.java:342) at com.sun.jndi.toolkit.ctx.ComponentContext.p_resolveIntermediate(ComponentContext.java:381) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:360) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248) at org.springframework.ldap.LdapTemplate$4.executeSearch(LdapTemplate.java:227) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:268) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:231) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:561) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:475) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:423) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:444) at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:464) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.isMemeber(SpringLDAPConnector.java:307) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.isGroupMember(SpringLDAPConnector.java:319) at com.atlassian.crowd.integration.directory.connector.SpringLDAPConnector.findGroupMemberships(SpringLDAPConnector.java:806) at com.atlassian.crowd.manager.directory.DirectoryManagerGeneric.findGroupMemberships(DirectoryManagerGeneric.java:2027)

              Unassigned Unassigned
              5de7ed0cbd95 BrianY
              Affected customers:
              1 This affects my team
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: