Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 609C4200BCF for ; Mon, 21 Nov 2016 01:30:03 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 5F2C2160B18; Mon, 21 Nov 2016 00:30:03 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 80AAF160B07 for ; Mon, 21 Nov 2016 01:30:02 +0100 (CET) Received: (qmail 88094 invoked by uid 500); 21 Nov 2016 00:30:01 -0000 Mailing-List: contact dev-help@atlas.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@atlas.incubator.apache.org Delivered-To: mailing list dev@atlas.incubator.apache.org Received: (qmail 88083 invoked by uid 99); 21 Nov 2016 00:30:01 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Nov 2016 00:30:01 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 3E9CAC0744 for ; Mon, 21 Nov 2016 00:30:01 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -7.019 X-Spam-Level: X-Spam-Status: No, score=-7.019 tagged_above=-999 required=6.31 tests=[KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.999] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id vppEiIKyUuXS for ; Mon, 21 Nov 2016 00:30:00 +0000 (UTC) Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with SMTP id 80C6F5FC8E for ; Mon, 21 Nov 2016 00:29:59 +0000 (UTC) Received: (qmail 87916 invoked by uid 99); 21 Nov 2016 00:29:58 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 21 Nov 2016 00:29:58 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 8A7D62C4C77 for ; Mon, 21 Nov 2016 00:29:58 +0000 (UTC) Date: Mon, 21 Nov 2016 00:29:58 +0000 (UTC) From: "Madhan Neethiraj (JIRA)" To: dev@atlas.incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (ATLAS-1310) LDAP authentication attempted even when disabled MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Mon, 21 Nov 2016 00:30:03 -0000 [ https://issues.apache.org/jira/browse/ATLAS-1310?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Madhan Neethiraj updated ATLAS-1310: ------------------------------------ Attachment: ATLAS-1310.patch Patch in review board: https://reviews.apache.org/r/53940/ > LDAP authentication attempted even when disabled > ------------------------------------------------ > > Key: ATLAS-1310 > URL: https://issues.apache.org/jira/browse/ATLAS-1310 > Project: Atlas > Issue Type: Bug > Affects Versions: 0.8-incubating > Reporter: Madhan Neethiraj > Assignee: Madhan Neethiraj > Fix For: 0.8-incubating > > Attachments: ATLAS-1310.patch > > > After the updates to support KnoxSSL (ATLAS-1244), Atlas attempts LDAP authentication even when LDAP authentication is disabled with configuration: atlas.authentication.method.ldap=false. > This should be fixed so that LDAP authentication will be attempted only when it is enabled i.e. atlas.authentication.method.ldap=true > From application.log: > {noformat} > 2016-11-20 11:11:03,407 ERROR - [pool-1-thread-8:] ~ LDAP Authentication Failed: (AtlasLdapAuthenticationProvider:121) > java.lang.IllegalArgumentException: An LDAP connection URL must be supplied. > at org.springframework.util.Assert.hasLength(Assert.java:136) > at org.springframework.security.ldap.DefaultSpringSecurityContextSource.(DefaultSpringSecurityContextSource.java:44) > at org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.getLdapContextSource(AtlasLdapAuthenticationProvider.java:157) > at org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.getLdapBindAuthentication(AtlasLdapAuthenticationProvider.java:83) > at org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.authenticate(AtlasLdapAuthenticationProvider.java:68) > at org.apache.atlas.web.security.AtlasAuthenticationProvider.authenticate(AtlasAuthenticationProvider.java:85) > at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:156) > at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174) > at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94) > at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) > at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) > at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87) > at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342) > at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192) > at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160) > at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346) > at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259) > at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) > at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) > at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) > at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577) > at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) > at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) > at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) > at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) > at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) > at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) > at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) > at org.eclipse.jetty.server.Server.handle(Server.java:499) > at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310) > at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) > at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)