Spring not able to load ldif

Question

I'm currently tryin to build a small webapplication with Spring Boot 1.4.2.RELEASE. For that I'm also using Spring Boot LDAP with embedded LDAP and ldif loaded. If I'm starting that it always tells me that there is no DN set as you will see below.

So is someone able to tell my how to get that running if I'm missing something. Already tried some example ldif files from tutorials but there is always the same result.

Here are some parts of my configuration: - Java 8 - Spring Boot 1.4.2.RELEASE - Spring Annotation instead of xml - Gradle

build.gradle:

... springBootVersion = '1.4.2.RELEASE'
compile ('org.springframework.boot:spring-boot-starter-web') {
    exclude module: 'org.springframework.boot:spring-boot-starter-tomcat'
}
compile 'org.springframework.boot:spring-boot-starter-jetty',
        'org.springframework.boot:spring-boot-starter-data-jpa',
        'org.springframework.boot:spring-boot-starter-data-rest',
        'org.springframework.boot:spring-boot-starter-freemarker',
        'org.springframework.boot:spring-boot-starter-security',
        'org.springframework.boot:spring-boot-actuator',
        'org.springframework.boot:spring-boot-devtools',
        'org.springframework.security:spring-security-ldap',
        'org.springframework:spring-tx',
        'com.h2database:h2',
        'org.apache.directory.server:apacheds-server-jndi:1.5.5'
testCompile 'org.springframework.boot:spring-boot-starter-test',
            'org.springframework.security:spring-security-test'
...

Configuration:

@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                .authorizeRequests()
                    .anyRequest().fullyAuthenticated()
                    .and()
                .formLogin();
    }

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .ldapAuthentication()
                    .userSearchFilter("uid={0}")
                    .userSearchBase("ou=users")
                    .groupSearchBase("ou=groups")
                    .groupSearchFilter("(uniqueMember={0}")
                    .groupRoleAttribute("cn")
                    .rolePrefix("ROLE")
                    .contextSource().ldif("classpath:test.ldif")
                    .root("o=mojo");
    }

....

test.ldif:

version: 1

dn: o=mojo
objectClass: organization
objectClass: extensibleObject
objectClass: top
o: mojo

dn: ou=users,o=mojo
objectClass: extensibleObject
objectClass: organizationalUnit
objectClass: top
ou: users

dn: ou=groups,o=mojo
objectClass: extensibleObject
objectClass: organizationalUnit
objectClass: top
ou: groups

dn: cn=User,ou=groups,o=mojo
objectClass: groupOfUniqueNames
objectClass: top
cn: User
uniqueMember: cn=John Milton,ou=users,o=mojo
uniqueMember: cn=Robert Browning,ou=users,o=mojo
uniqueMember: cn=Hugo Williams,ou=users,o=mojo
uniqueMember: cn=John Keats,ou=users,o=mojo

dn: cn=Admin,ou=groups,o=mojo
objectClass: groupOfUniqueNames
objectClass: top
cn: Admin
uniqueMember: cn=Hugo Williams,ou=users,o=mojo
uniqueMember: cn=John Keats,ou=users,o=mojo

dn: cn=Robert Browning,ou=users,o=mojo
objectClass: organizationalPerson
objectClass: person
objectClass: inetOrgPerson
objectClass: top
cn: Robert Browning
sn: Browning
uid: rbrowning
userPassword:: cGFzcw==

...

Error Message:

2016-11-25 22:45:58.383  INFO 15028 --- [  restartedMain] o.s.s.ldap.server.ApacheDSContainer      : Loading LDIF file: C:\SourceCode\Zeiterfassung\src\main\resources\test.ldif
2016-11-25 22:45:58.391  WARN 15028 --- [  restartedMain] o.a.d.shared.ldap.ldif.LdifReader        : No version information : assuming version: 1
2016-11-25 22:45:58.391 ERROR 15028 --- [  restartedMain] o.a.d.shared.ldap.ldif.LdifReader        : A ldif entry must start with a DN
2016-11-25 22:45:58.392 ERROR 15028 --- [  restartedMain] o.a.d.s.p.shared.store.LdifFileLoader    : Failed to import LDIF into backing store.

javax.naming.NamingException: No DN for entry
    at org.apache.directory.shared.ldap.ldif.LdifReader.parseDn(LdifReader.java:562) ~[shared-ldap-0.9.15.jar:na]
    at org.apache.directory.shared.ldap.ldif.LdifReader.parseEntry(LdifReader.java:1234) ~[shared-ldap-0.9.15.jar:na]
    at org.apache.directory.shared.ldap.ldif.LdifReader.init(LdifReader.java:282) ~[shared-ldap-0.9.15.jar:na]
    at org.apache.directory.shared.ldap.ldif.LdifReader.<init>(LdifReader.java:329) ~[shared-ldap-0.9.15.jar:na]
    at org.apache.directory.server.protocol.shared.store.LdifFileLoader.execute(LdifFileLoader.java:181) ~[apacheds-protocol-shared-1.5.5.jar:na]
    at org.springframework.security.ldap.server.ApacheDSContainer.importLdifs(ApacheDSContainer.java:280) [spring-security-ldap-4.1.3.RELEASE.jar:4.1.3.RELEASE]
    at org.springframework.security.ldap.server.ApacheDSContainer.start(ApacheDSContainer.java:216) [spring-security-ldap-4.1.3.RELEASE.jar:4.1.3.RELEASE]
    at org.springframework.security.ldap.server.ApacheDSContainer.afterPropertiesSet(ApacheDSContainer.java:134) [spring-security-ldap-4.1.3.RELEASE.jar:4.1.3.RELEASE]
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1642) [spring-beans-4.3.4.RELEASE.jar:4.3.4.RELEASE]

Thanks a lot for your help

AirBounce

Answer 1

I fixed it for me by removing the validation property in application.yml

Was before:

spring:
  ldap:
    embedded:
      base-dn: dc=example,dc=com
      ldif: classpath:test-server.ldif
      port: 12745
      validation:
        enabled: true

and is now:

spring:
  ldap:
    embedded:
      base-dn: dc=example,dc=com
      ldif: classpath:test-server.ldif
      port: 12745

It would be way easier to find such issues, if there would be any logging from the embedded ldap server.