Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-3969

Response size of POST is now limited to 1MB

    Details

    • Story Points:
      3
    • Sprint:
      OpenIDM Sprint 56

      Description

      It seems there is a response size limitation in new CREST3 for the POST request. Our automated tests discovered this during testing of creating default connector configuration for ldap connector to AD. The schema that AD returns is big and the response seems to be cut after 1MB of data is sent.

      To reproduce this, try to generate full configuration for ldap connector connected to AD.

       	curl --header "Content-Type: application/json" --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --data '{"connectorRef":{"systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.ldap-connector", "displayName": "LDAP Connector", "connectorName": "org.identityconnectors.ldap.LdapConnector", "bundleVersion": "1.4.0.0"}}' --request POST "http://localhost:8080/openidm/system?_action=CREATECONFIGURATION"
      

      take the response, fill in the required fields like host, port, password, baseContext... and send it back to openidm. For example:

       	curl --header "Content-Type: application/json" --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --data '{"connectorRef": {"bundleName": "org.forgerock.openicf.connectors.ldap-connector", "displayName": "LDAP Connector", "systemType": "provisioner.openicf", "bundleVersion": "1.4.0.0", "ConnectorHostRef": "#LOCAL", "connectorName": "org.identityconnectors.ldap.LdapConnector"}, "operationTimeout": {"SCHEMA": -1, "SEARCH": -1, "AUTHENTICATE": -1, "GET": -1, "SCRIPT_ON_RESOURCE": -1, "CREATE": -1, "UPDATE": -1, "SYNC": -1, "SCRIPT_ON_CONNECTOR": -1, "TEST": -1, "VALIDATE": -1, "RESOLVEUSERNAME": -1, "DELETE": -1}, "configurationProperties": {"objectClassesToSynchronize": ["inetOrgPerson"], "accountUserNameAttributes": ["uid", "cn"], "baseContextsToSynchronize": [], "removeLogEntryObjectClassFromFilter": true, "getGroupMemberId": false, "credentials": "Passw0rd", "port": "389", "principal": "CN=ADMINISTRATOR,CN=USERS,DC=EXAMPLE,DC=COM", "referralsHandling": "follow", "passwordAttribute": "userPassword", "authType": "simple", "groupSearchFilter": null, "blockSize": 100, "passwordAttributeToSynchronize": null, "passwordDecryptionInitializationVector": null, "changeLogBlockSize": 100, "accountObjectClasses": ["top", "person", "organizationalPerson", "inetOrgPerson"], "accountSearchFilter": null, "useTimestampsForSync": false, "synchronizePasswords": false, "uidAttribute": "entryUUID", "usePagedResultControl": false, "passwordHashAlgorithm": null, "readSchema": true, "vlvSortAttribute": "uid", "ssl": false, "host": "10.0.0.22", "baseContexts": "OU=RobotTests2015_09_04_12_12_03,DC=EXAMPLE,DC=COM", "maintainPosixGroupMembership": false, "groupSynchronizationFilter": null, "groupMemberAttribute": "uniqueMember", "groupObjectClasses": ["top", "groupOfUniqueNames"], "changeNumberAttribute": "changeNumber", "failover": [], "filterWithOrInsteadOfAnd": false, "respectResourcePasswordPolicyChangeAfterReset": false, "passwordDecryptionKey": null, "accountSynchronizationFilter": null, "attributesToSynchronize": [], "useBlocks": false, "modifiersNamesToFilterOut": [], "maintainLdapGroupMembership": false}, "poolConfigOption": {"minIdle": 1, "maxObjects": 10, "minEvictableIdleTimeMillis": 120000, "maxWait": 150000, "maxIdle": 10}, "resultsHandlerConfig": {"enableAttributesToGetSearchResultsHandler": true, "enableFilteredResultsHandler": true, "enableNormalizingResultsHandler": true, "enableCaseInsensitiveFilter": false}}' --request POST "http://localhost:8080/openidm/system?_action=CREATECONFIGURATION" | jq .
      

      you won't get the whole response.

      The result of the curl command piped to jq from above.

      % Total % Received % Xferd Average Dload Speed Upload Time Total Time Spent Time Left Current Speed
      100 1026k 0 1024k 100 2337 98402 219 0:00:10 0:00:10 -::- 185k

      parse error: Unfinished string

      if you do the same command without the pipe to jq, the response ends like:

      ..."JAVA_TYPE_DATE"},"nativeName":"msDS-TasksForAzTaskBL","nativeType":"JAVA_TYPE_DATE","flags":["NOT_CREATABLE","NOT_UPDATEABLE"]},"
      queryFilter":{"type":"string","nativeName":"queryFilter","nativeType":"JAVA_TYPE_DATE"},"createDialog":{"type":"string","nativeNam
      e":"createDialog","nativeType":"JAVA_TYPE_DATE"},"extensionName":{"type":"array","items":{"type":"string","nativeType":"JAVA_TYPE_
      DATE"},"nativeName":"extensionName","nativeType":"JAVA_TYPE_DATE"},"msDS-EnabledFeatureBL":{"type":"array","items":{"type":"string
      ","nativeType":"JAVA_TYPE_DATE"},"nativeName":"msDS-EnabledFeatureBL","nativeType":"JAVA_TYPE_DATE","flags":["NOT_CREATABLE","PS E:\PyBot\OpenIDM>
      

      The name of the automated test is: Functional.Icf.Connectors.Ldap.Ad.Without Ssl.Create_Default_Conf_For_Connector_Via_Rest.create_default_conf_for_connector_via_rest

        Attachments

          Activity

            People

            • Assignee:
              jason Jason Lemay
              Reporter:
              Ladislav.Folta Ladislav Folta
              QA Assignee:
              Ladislav Folta
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: