Hello,
when I enable Marathon-LDAP 1.3 on my Marathon (1.3.6-1.0.540.ubuntu1604) like this:
```
root@mesos-master1 /etc/marathon/conf # cat plugin_conf
/var/marathon/plugins/plugin-conf.json
root@mesos-master1 /etc/marathon/conf # cat plugin_dir
/var/marathon/plugins
root@mesos-master1 /etc/marathon/conf # ls /var/marathon/plugins
marathon-ldap.jar plugin-conf.json
root@mesos-master1 /etc/marathon/conf # cat /var/marathon/plugins/plugin-conf.json
"ldap": {
  /*
   * the url property specifies the server, port and SSL setting of your directory.
   * Default port is 389 for plaintext or STARTTLS, and 636 for SSL. If you want
   * SSL, specify the protocol as 'ldaps:' rather than 'ldap:'
   */
  "url": "ldap://my.ldapserver.local:389",
  /*
   * base represents the domain your directory authenticates. A domain of
   * example.com would normally be expressed in the form below, although note
   * that there is not necessarily a direct correlation between domains that
   * might be part of an email address or username and the baseDN of the
   * directory server.
   */
  "base": "dc=example,dc=com",
  /*
   * The dn property tells the plugin how to format a distinguished name for a user
   * that you want to authenticate. The string {username} MUST exist in here and
   * will be replaced by whatever the user submits as "username" in the login dialog.
   *
   * When the plugin calculates the DN to use to attempt authentication, it will
   * take the interpolated value here, suffixed with the userSubTree (if defined)
   * and the base property. For example, the settings here and a submitted username
   * of 'fred' would cause a bind attempt using 'dn=uid=fred,ou=People,dc=example,dc=com'
   */
  "dn": "uid={username}",
  /*
   * The userSearch string is used following successful bind in order to obtain the
   * entire user record for the user logging in. Similar to the 'dn' property above,
   * the supplied username will be substituted into the pattern below and the search
   * will be performed as shown against a search context of 'base' or (if defined)
   * the userSubTree section only.
   */
  "userSearch": "(&(uid={username})(objectClass=inetOrgPerson))",
  /* ---- the following properties are optional and can be left undefined ---- */
  /*
   * If you want to restrict the user searches and bind attempts to a particular
   * org unit or other area of the LDAP directory, specify the sub tree here. The
   * descriptions of earlier properties note where this definition may affect
   * behaviour.
   */
  "userSubTree": "ou=People",
  /*
   * If your group memberships are specified by using "memberOf" attributes on the
   * user record, you don't need the following. However, if your groups are defined
   * as separate entities and membership is denoted by having all the usernames
   * inside the group, then you do. This is common for posixGroup type groups.
   * Specify the 'groupSearch' property as a pattern to find all groups that the
   * user is a member of.
   */
  "groupSearch": "(&(memberUid={username})(objectClass=posixGroup))",
  /*
   * Similar to userSubTree but for the group entities
   */
  "groupSubTree": "ou=Group"
}
```
then it crashes on startup (see crashlog.txt).
What's wrong?
Thanks
takt
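The comments in the posted configuration describe how the bind DN and the search filters are derived from `dn`, `userSubTree`, `base`, `userSearch` and `groupSearch`. The following is an added example, not part of the original post and not the plugin's own code, that follows that concatenation rule in Python. The function names are hypothetical, and the RFC 4514/4515 escaping of the submitted username is an assumption added here to show why the login value must not be substituted raw.

```python
# Added illustration of the substitution rules described in the config comments.
# Not the Marathon-LDAP plugin's code; function names are hypothetical.

# Constructed from the values in the posted plugin-conf.json.
CONF = {
    "base": "dc=example,dc=com",
    "dn": "uid={username}",
    "userSearch": "(&(uid={username})(objectClass=inetOrgPerson))",
    "userSubTree": "ou=People",
    "groupSearch": "(&(memberUid={username})(objectClass=posixGroup))",
    "groupSubTree": "ou=Group",
}

def escape_dn_value(value):
    """Hex-escape characters that are special in an RDN value (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        special = ch in ',+"\\<>;=\0'
        edge = (ch in "# " and i == 0) or (ch == " " and i == last)
        out.append("\\%02x" % ord(ch) if special or edge else ch)
    return "".join(out)

def escape_filter_value(value):
    """Hex-escape characters that are special in a search filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "*()\\\0" else c for c in value)

def search_context(conf, subtree_key):
    """Search context: the optional sub tree (if defined) followed by base."""
    parts = [conf.get(subtree_key), conf["base"]]
    return ",".join(p for p in parts if p)

def bind_dn(conf, username):
    """Interpolated 'dn', suffixed with userSubTree (if defined) and base."""
    if "{username}" not in conf["dn"]:
        raise ValueError("'dn' must contain {username}")
    rdn = conf["dn"].replace("{username}", escape_dn_value(username))
    return rdn + "," + search_context(conf, "userSubTree")

def search_filter(conf, key, username):
    """Substitute the username into the 'userSearch' or 'groupSearch' pattern."""
    return conf[key].replace("{username}", escape_filter_value(username))

if __name__ == "__main__":
    print(bind_dn(CONF, "fred"))
    print(search_filter(CONF, "userSearch", "fred"))
    print(search_context(CONF, "groupSubTree"))
```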