tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 11679] New: - "anonymous bind failed" exceptions occur if connectionName not specified with JNDIRealm
Date Wed, 14 Aug 2002 00:27:50 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11679>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11679

"anonymous bind failed" exceptions occur if connectionName not specified with JNDIRealm

           Summary: "anonymous bind failed" exceptions occur if
                    connectionName not specified with JNDIRealm
           Product: Tomcat 4
           Version: 4.1.9
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Minor
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jemiller@uchicago.edu


I found that it's necessary to set the connectionName attribute when using 
JNDIRealm, even when just binding anonymously (at least when used with 
OpenLDAP 2.1.2). For example, this works,

<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://localhost:8636"
connectionName=""
connectionPassword=""
userPattern="uid={0}, ou=People, dc=uchicago, dc=edu"
userRoleName="eduPersonAffiliation"/>

However, this only kind of works. In this case, the first authentication fails 
(when prompted using BASIC authentication and a pop-up dialog box) and then 
the second succeeds.

<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://localhost:8636"
userPattern="uid={0}, ou=People, dc=uchicago, dc=edu"
userRoleName="eduPersonAffiliation"/>

The following is what the log looks like for the second case. IMHO, you 
shouldn't have to specify the connectionName attribute.

2002-08-13 15:43:30 JNDIRealm[Standalone]: lookupUser(jemiller)
2002-08-13 15:43:30 JNDIRealm[Standalone]:   dn=uid=jemiller, ou=People, 
dc=uchicago, dc=edu
2002-08-13 15:43:30 JNDIRealm[Standalone]: Exception performing authentication
javax.naming.CommunicationException: anonymous bind failed: localhost:8636.  
Root exception is java.net.SocketException: Socket closed
        at java.net.SocketOutputStream.socketWrite0(Native Method)
        at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:126)
        at java.io.BufferedOutputStream.flushBuffer
(BufferedOutputStream.java:69)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
        at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:385)
        at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:309)
        at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:146)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2516)
        at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2458)
        at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2432)
        at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1837)
        at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1829)
        at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1223)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes
(ComponentDirContext.java:213)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes
(PartialCompositeDirContext.java:121)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes
(PartialCompositeDirContext.java:109)
        at javax.naming.directory.InitialDirContext.getAttributes
(InitialDirContext.java:121)
        at org.apache.catalina.realm.JNDIRealm.getUserByPattern
(JNDIRealm.java:819)
2002-08-13 15:43:30 JNDIRealm[Standalone]: lookupUser(jemiller)
2002-08-13 15:43:30 JNDIRealm[Standalone]:   dn=uid=jemiller, ou=People, 
dc=uchicago, dc=edu
2002-08-13 15:43:30 JNDIRealm[Standalone]: Exception performing authentication
javax.naming.CommunicationException: anonymous bind failed: localhost:8636.  
Root exception is java.net.SocketException: Socket closed
        at java.net.SocketOutputStream.socketWrite0(Native Method)
        at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:126)
        at java.io.BufferedOutputStream.flushBuffer
(BufferedOutputStream.java:69)
        at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:127)
        at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:385)
        at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:309)
        at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:146)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2516)
        at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2458)
        at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2432)
        at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1837)
        at com.sun.jndi.ldap.LdapCtx.doSearchOnce(LdapCtx.java:1829)
        at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1223)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes
(ComponentDirContext.java:213)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes
(PartialCompositeDirContext.java:121)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes
(PartialCompositeDirContext.java:109)
        at javax.naming.directory.InitialDirContext.getAttributes
(InitialDirContext.java:121)
        at org.apache.catalina.realm.JNDIRealm.getUserByPattern
(JNDIRealm.java:819)
        at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:773)
        at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:724)
        at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:671)
        at org.apache.catalina.authenticator.BasicAuthenticator.authenticate
(BasicAuthenticator.java:161)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke
(AuthenticatorBase.java:502)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:641)
        at org.apache.catalina.valves.CertificatesValve.invoke
(CertificatesValve.java:246)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:641)
        at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
        at org.apache.catalina.core.ContainerBase.invoke
(ContainerBase.java:995)
        at org.apache.catalina.core.StandardContext.invoke
(StandardContext.java:2350)
        at org.apache.catalina.core.StandardHostValve.invoke
(StandardHostValve.java:180)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:643)
        at org.apache.catalina.valves.ErrorDispatcherValve.invoke
(ErrorDispatcherValve.java:170)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:641)
        at org.apache.catalina.valves.ErrorReportValve.invoke
(ErrorReportValve.java:171)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:641)
        at org.apache.catalina.valves.AccessLogValve.invoke
(AccessLogValve.java:469)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:641)
        at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
        at org.apache.catalina.core.ContainerBase.invoke
(ContainerBase.java:995)
        at org.apache.catalina.core.StandardEngineValve.invoke
(StandardEngineValve.java:174)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNe
xt(StandardPipeline.java:643)
        at org.apache.catalina.core.StandardPipeline.invoke
(StandardPipeline.java:480)
        at org.apache.catalina.core.ContainerBase.invoke
(ContainerBase.java:995)
        at org.apache.coyote.tomcat4.CoyoteAdapter.service
(CoyoteAdapter.java:223)
        at org.apache.coyote.http11.Http11Processor.process
(Http11Processor.java:405)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnecti
on(Http11Protocol.java:380)
        at org.apache.tomcat.util.net.TcpWorkerThread.runIt
(PoolTcpEndpoint.java:508)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run
(ThreadPool.java:533)
        at java.lang.Thread.run(Thread.java:536)

2002-08-13 15:43:30 JNDIRealm[Standalone]: Closing directory context
2002-08-13 15:43:37 JNDIRealm[Standalone]: Connecting to URL 
ldap://localhost:8636
2002-08-13 15:43:37 JNDIRealm[Standalone]: lookupUser(jemiller)
2002-08-13 15:43:37 JNDIRealm[Standalone]:   dn=uid=jemiller, ou=People, 
dc=uchicago, dc=edu
2002-08-13 15:43:37 JNDIRealm[Standalone]:   retrieving values for attribute 
eduPersonAffiliation
2002-08-13 15:43:37 JNDIRealm[Standalone]:   validating credentials by binding 
as the user
2002-08-13 15:43:37 JNDIRealm[Standalone]:   binding as uid=jemiller, 
ou=People, dc=uchicago, dc=edu
2002-08-13 15:43:37 JNDIRealm[Standalone]: Username jemiller successfully 
authenticated
2002-08-13 15:43:37 JNDIRealm[Standalone]:   getRoles(uid=jemiller, ou=People, 
dc=uchicago, dc=edu)
2002-08-13 15:43:37 JNDIRealm[Standalone]: Username jemiller does NOT have 
role faculty
2002-08-13 15:43:37 JNDIRealm[Standalone]: Username jemiller has role staff
2002-08-13 15:47:06 JNDIRealm[Standalone]: lookupUser(jemiller)
2002-08-13 15:47:06 JNDIRealm[Standalone]:   dn=uid=jemiller, ou=People, 
dc=uchicago, dc=edu
2002-08-13 15:47:06 JNDIRealm[Standalone]: Exception performing authentication

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message