Uploaded image for project: 'Red Hat Fuse'
  1. Red Hat Fuse
  2. ENTESB-5917

6.2.1 R3 prevents base DN lookup in Tivoli LDAP Server

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: jboss-fuse-6.2.1
    • Fix Version/s: jboss-fuse-6.3
    • Component/s: Karaf
    • Labels:
      None
    • Environment:

      6.2.1 R3
      org.apache.karaf.jaas/org.apache.karaf.jaas.modules/2.4.0.redhat-621117

    • Sprint:
      Sprint 7 - towards CR2

      Description

      Upgrading to 6.2.1 R3 causes the following error with Tivoli LDAP server:

      2016-07-22 10:21:42,738 | DEBUG | SshServer[3d97cc2]-nio2-thread-3 | araf.jaas.modules.ldap.LDAPLoginModule |                                |                                          | Get the user DN.
      2016-07-22 10:21:42,739 | DEBUG | SshServer[3d97cc2]-nio2-thread-3 | araf.jaas.modules.ldap.LDAPLoginModule |                                |                                          | Setting up SSL
      2016-07-22 10:21:42,990 | DEBUG | SshServer[3d97cc2]-nio2-thread-3 | araf.jaas.modules.ldap.LDAPLoginModule |                                |                                          | Looking for the user in LDAP with 
      2016-07-22 10:21:42,995 | DEBUG | SshServer[3d97cc2]-nio2-thread-3 | araf.jaas.modules.ldap.LDAPLoginModule |                                |                                          |   base DN: ou=acme,o=somename,c=us
      2016-07-22 10:21:42,995 | DEBUG | SshServer[3d97cc2]-nio2-thread-3 | araf.jaas.modules.ldap.LDAPLoginModule |                                |                                          |   filter: (uid=031471)
      2016-07-22 10:23:41,768 | INFO  | shServer[3d97cc2]-timer-thread-1 | ache.sshd.server.session.ServerSession |                                |                                          | Disconnecting: Session has timed out waiting for authentication after 120000 ms.
      2016-07-22 10:26:43,297 | WARN  | SshServer[3d97cc2]-nio2-thread-3 | araf.jaas.modules.ldap.LDAPLoginModule |                                |                                          | Can't connect to the LDAP server: localhost:10389; socket closed
      javax.naming.ServiceUnavailableException: localhost:10389; socket closed; remaining name 'ou=acme,o=somename,c=us'
      	at com.sun.jndi.ldap.Connection.readReply(Connection.java:459)[:1.7.0_101]
      	at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:640)[:1.7.0_101]
      	at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:563)[:1.7.0_101]
      	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1986)[:1.7.0_101]
      	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1848)[:1.7.0_101]
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1773)[:1.7.0_101]
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:386)[:1.7.0_101]
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:356)[:1.7.0_101]
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:339)[:1.7.0_101]
      	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)[:1.7.0_101]
      	at org.apache.karaf.jaas.modules.ldap.LDAPCache.doGetUserDnAndNamespace(LDAPCache.java:164)[25:org.apache.karaf.jaas.modules:2.4.0.redhat-621117]
      	at org.apache.karaf.jaas.modules.ldap.LDAPCache.getUserDnAndNamespace(LDAPCache.java:138)[25:org.apache.karaf.jaas.modules:2.4.0.redhat-621117]
      	at org.apache.karaf.jaas.modules.ldap.LDAPLoginModule.doLogin(LDAPLoginModule.java:111)[25:org.apache.karaf.jaas.modules:2.4.0.redhat-621117]
      	at org.apache.karaf.jaas.modules.ldap.LDAPLoginModule.login(LDAPLoginModule.java:55)[25:org.apache.karaf.jaas.modules:2.4.0.redhat-621117]
      	at org.apache.karaf.jaas.boot.ProxyLoginModule.login(ProxyLoginModule.java:83)[karaf-jaas-boot.jar:]
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[:1.7.0_101]
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)[:1.7.0_101]
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)[:1.7.0_101]
      	at java.lang.reflect.Method.invoke(Method.java:606)[:1.7.0_101]
      	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762)[:1.7.0_101]
      	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)[:1.7.0_101]
      	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690)[:1.7.0_101]
      	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688)[:1.7.0_101]
      	at java.security.AccessController.doPrivileged(Native Method)[:1.7.0_101]
      	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687)[:1.7.0_101]
      	at javax.security.auth.login.LoginContext.login(LoginContext.java:595)[:1.7.0_101]
      	at org.apache.karaf.shell.ssh.KarafJaasAuthenticator.authenticate(KarafJaasAuthenticator.java:73)
      	at org.apache.sshd.server.auth.UserAuthKeyboardInteractive.checkPassword(UserAuthKeyboardInteractive.java:75)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.server.auth.UserAuthKeyboardInteractive.doAuth(UserAuthKeyboardInteractive.java:68)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.server.auth.AbstractUserAuth.next(AbstractUserAuth.java:53)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.server.session.ServerUserAuthService.process(ServerUserAuthService.java:159)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:431)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:326)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:780)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:308)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:184)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:170)[128:org.apache.sshd.core:0.14.0]
      	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
      	at java.security.AccessController.doPrivileged(Native Method)[:1.7.0_101]
      	at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)[128:org.apache.sshd.core:0.14.0]
      	at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)[:1.7.0_101]
      	at sun.nio.ch.Invoker$2.run(Invoker.java:218)[:1.7.0_101]
      	at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)[:1.7.0_101]
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)[:1.7.0_101]
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)[:1.7.0_101]
      	at java.lang.Thread.run(Thread.java:745)[:1.7.0_101]
      

      Rolling back to org.apache.karaf.jaas/org.apache.karaf.jaas.modules/2.4.0.redhat-621107 resolves the issue.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                gnodet Guillaume Nodet
                Reporter:
                jsherman Jason Sherman
                Tester:
                Josef Ludvicek
              • Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: