Cunfigure eduPersonTargetedID shibboleth Idp windows 3.4

Aisha Al Fudhaili aisha at omren.om
Thu Sep 23 09:40:11 UTC 2021 

Error log:

2021-09-23 13:31:41,317 -  - ERROR [net.shibboleth.utilities.java.support.service.AbstractReloadableService:182] - Service 'shibboleth.AttributeResolverService': Initial load failed
net.shibboleth.utilities.java.support.service.ServiceException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'myLDAP': Cannot create inner bean '(inner bean)#446dbf7b' of type [org.ldaptive.pool.PooledConnectionFactory] while setting bean property 'connectionFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#446dbf7b': Cannot create inner bean '(inner bean)#1cb09347' of type [net.shibboleth.idp.attribute.resolver.spring.dc.ldap.impl.LDAPDataConnectorParser$V2Parser] while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#1cb09347': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Could not initialize pool size
	at net.shibboleth.ext.spring.service.ReloadableSpringService.doReload(ReloadableSpringService.java:377)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'myLDAP': Cannot create inner bean '(inner bean)#446dbf7b' of type [org.ldaptive.pool.PooledConnectionFactory] while setting bean property 'connectionFactory'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#446dbf7b': Cannot create inner bean '(inner bean)#1cb09347' of type [net.shibboleth.idp.attribute.resolver.spring.dc.ldap.impl.LDAPDataConnectorParser$V2Parser] while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#1cb09347': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Could not initialize pool size
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:313)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#446dbf7b': Cannot create inner bean '(inner bean)#1cb09347' of type [net.shibboleth.idp.attribute.resolver.spring.dc.ldap.impl.LDAPDataConnectorParser$V2Parser] while setting constructor argument; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#1cb09347': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Could not initialize pool size
	at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveInnerBean(BeanDefinitionValueResolver.java:313)
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name '(inner bean)#1cb09347': Invocation of init method failed; nested exception is java.lang.IllegalStateException: Could not initialize pool size
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1619)
Caused by: java.lang.IllegalStateException: Could not initialize pool size
	at org.ldaptive.pool.AbstractConnectionPool.initialize(AbstractConnectionPool.java:283)
Caused by: org.ldaptive.LdapException: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563 ]
	at org.ldaptive.provider.ProviderUtils.throwOperationException(ProviderUtils.java:77)
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563 ]
	at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3259)

-----Original Message-----
From: users <users-bounces at shibboleth.net> On Behalf Of Peter Schober
Sent: Thursday, September 23, 2021 11:51 AM
To: users at shibboleth.net
Subject: Re: Cunfigure eduPersonTargetedID shibboleth Idp windows 3.4

Please keep replies to the list.

* Aisha Al Fudhaili <aisha at omren.om> [2021-09-23 07:59]:
> I can't run the mentioned command. I'm using windows. 

There's an equivalent batch script called aacli.bat for use with MS-Windows..

> Error in log file
> 
> - ERROR 
> [net.shibboleth.utilities.java.support.service.AbstractReloadableServi
> ce:231] - Service 'shibboleth.AttributeResolverService': Reload for 
> shibboleth.AttributeResolverService failed
> net.shibboleth.utilities.java.support.service.ServiceException: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'myLDAP': Invocation of init method failed; nested exception is java.lang.NullPointerException
> 	at 
> net.shibboleth.ext.spring.service.ReloadableSpringService.doReload(Rel
> oadableSpringService.java:377) Caused by: 
> org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'myLDAP': Invocation of init method failed; nested exception is java.lang.NullPointerException
> 	at 
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanF
> actory.initializeBean(AbstractAutowireCapableBeanFactory.java:1619)
> Caused by: java.lang.NullPointerException: null
> 	at java.base/java.util.Hashtable.put(Hashtable.java:475)

I may be misreading the above but if you only reloaded the attribute resolver configuration but also changed properties files (e.g. saml-nameid.properties) then this isn't sufficient.
Properties files are only reliably read at the start of the JVM, i.e., you'd have to restart the IDP (or Java Servlet Container).

-peter
--
For Consortium Member technical support, see https://shibboleth.atlassian.net/wiki/x/ZYEpPw
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

More information about the users mailing list