java.lang.RuntimeException: org.apache.directory.api.ldap.model.exception.LdapOtherException: org.apache.directory.api.ldap.model.exception.LdapOtherException: ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35 NAME 'schemaModifyTimestamp' DESC time which schema was modified SUP modifyTimestamp EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 USAGE directoryOperation ) '

Apache's JIRA Issue Tracker | Gregory Chanan | 2 years ago
  1. 0

    We should provide a ZkACLProvider that requires SASL authentication. This provider will be useful for administration in a kerberos environment. In such an environment, the administrator wants solr to authenticate to zookeeper using SASL, since this is only way to authenticate with zookeeper via kerberos. The authorization model in such a setup can vary, e.g. you can imagine a scenario where solr owns (is the only writer of) the non-config znodes, but some set of trusted users are allowed to modify the configs. It's hard to predict all the possibilities here, but one model that seems generally useful is to have a model where solr itself owns all the znodes and all actions that require changing the znodes are routed to Solr APIs. That seems simple and reasonable as a first version. As for testing, I noticed while working on SOLR-6625 that we don't really have any infrastructure for testing kerberos integration in unit tests. Internally, I've been testing using kerberos-enabled VM clusters, but this isn't great since we won't notice any breakages until someone actually spins up a VM. So part of this JIRA is to provide some infrastructure for testing kerberos at the unit test level (using Hadoop's MiniKdc, HADOOP-9848).

    Apache's JIRA Issue Tracker | 2 years ago | Gregory Chanan
    java.lang.RuntimeException: org.apache.directory.api.ldap.model.exception.LdapOtherException: org.apache.directory.api.ldap.model.exception.LdapOtherException: ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35 NAME 'schemaModifyTimestamp' DESC time which schema was modified SUP modifyTimestamp EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 USAGE directoryOperation ) '
  2. 0

    We should provide a ZkACLProvider that requires SASL authentication. This provider will be useful for administration in a kerberos environment. In such an environment, the administrator wants solr to authenticate to zookeeper using SASL, since this is only way to authenticate with zookeeper via kerberos. The authorization model in such a setup can vary, e.g. you can imagine a scenario where solr owns (is the only writer of) the non-config znodes, but some set of trusted users are allowed to modify the configs. It's hard to predict all the possibilities here, but one model that seems generally useful is to have a model where solr itself owns all the znodes and all actions that require changing the znodes are routed to Solr APIs. That seems simple and reasonable as a first version. As for testing, I noticed while working on SOLR-6625 that we don't really have any infrastructure for testing kerberos integration in unit tests. Internally, I've been testing using kerberos-enabled VM clusters, but this isn't great since we won't notice any breakages until someone actually spins up a VM. So part of this JIRA is to provide some infrastructure for testing kerberos at the unit test level (using Hadoop's MiniKdc, HADOOP-9848).

    Apache's JIRA Issue Tracker | 2 years ago | Gregory Chanan
    java.lang.RuntimeException: org.apache.directory.api.ldap.model.exception.LdapOtherException: org.apache.directory.api.ldap.model.exception.LdapOtherException: ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35 NAME 'schemaModifyTimestamp' DESC time which schema was modified SUP modifyTimestamp EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 USAGE directoryOperation ) '
  3. 0

    [JENKINS-EA] Lucene-Solr-5.x-Linux (64bit/jdk1.9.0-ea-b83) - Build # 14203 - Failure! | Lucene | Java-Dev

    gossamer-threads.com | 11 months ago
    org.apache.directory.api.ldap.model.exception.LdapOtherException: org.apache.directory.api.ldap.model.exception.LdapOtherException: ERR_04447_CANNOT_NORMALIZE_VALUE Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35 NAME 'schemaModifyTimestamp' DESC time which schema was modified SUP modifyTimestamp EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 USAGE directoryOperation ) ' at __randomizedtesting.SeedInfo.seed([DD64DF9012525832:E0BC71BC2ABC0642]:0)
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.apache.directory.api.ldap.model.exception.LdapInvalidAttributeValueException

      ERR_04473_NOT_VALID_VALUE Not a valid value '20090818022733Z' for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.35 NAME 'schemaModifyTimestamp' DESC time which schema was modified SUP modifyTimestamp EQUALITY generalizedTimeMatch ORDERING generalizedTimeOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 USAGE directoryOperation ) '

      at org.apache.directory.api.ldap.model.entry.AbstractValue.apply()
    2. Apache Directory
      AbstractValue.apply
      1. org.apache.directory.api.ldap.model.entry.AbstractValue.apply(AbstractValue.java:204)
      1 frame