tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Schumacher <felix.schumac...@internetallee.de>
Subject Re: Is LDAP connection failing?
Date Wed, 11 Apr 2018 09:32:36 GMT
Hi Luis,


Am 05.04.2018 18:50, schrieb Luis Rodríguez Fernández:
> Hello Suvendu,
> 
> May I ask you to share your JNDIRealm configuration?
> 
> For me something like this works:
> 
>  <Realm className="org.apache.catalina.realm.JNDIRealm"
>      connectionURL="ldaps://my.users.directory.com:636"
>      connectionName="CN=MY_BINDING_USER,OU=Users,OU=Organic
> Units,DC=cern,DC=ch"
>      connectionPassword="PASSWORD"
>      userBase="OU=Users,OU=Organic Units,DC=cern,DC=ch"
>      userSubtree="false"
>      userPattern="cn={0},OU=Users,OU=Organic Units,DC=cern,DC=ch"
> 
>  
> roleBase="OU=BASE_ORGANIZATION_UNIT_FOR_MY_GROUPS,OU=Workgroups,DC=cern,DC=ch"
>      roleSubtree="1"
>      roleName="cn"
>      roleSearch="(&amp;(member={0})(objectclass=group))"
> />

you are using userPattern to find users. In that case the userSubtree 
configuration
will be ignored. roleSubtree should be either "true" or "false".

Regards,
  Felix

> 
> Hope it helps,
> 
> Luis
> 
> 
> 
> 
> 
> 
> 
> 
> 2018-04-05 15:32 GMT+02:00 Suvendu Sekhar Mondal <suv3ndu@gmail.com>:
> 
>> Hello Everyone,
>> 
>> Recently in one of our environments I am seeing following log in
>> Catalina.out. It seems that LDAP connection is failing. This issue is
>> sporadic and goes away with Tomcat recycle.
>> 
>> One interesting thing is "localhost:389" part. I could not find out
>> any configuration related to that. It could happen that I am not
>> looking at the correct place.
>> 
>> We have 200+ JVMs out there which were starting up simultaneously but
>> this happens for some of them sporadically. I suspect that some race
>> condition might be causing this failure but could not found any
>> evidence so far. Can someone please suggest how can I identify what is
>> failing? and why it is failing?
>> 
>> Thanks!
>> Suvendu
>> 
>> Stack trace:
>> 2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
>> Deploying web application directory D:\xxx\webapps\ROOT
>> 2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
>> - Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
>> org.apache.catalina.LifecycleException: Failed to start component
>> [Realm[JNDIRealm]]
>>      at org.apache.catalina.util.LifecycleBase.start(
>> LifecycleBase.java:154)
>>      at org.apache.catalina.realm.CombinedRealm.startInternal(
>> CombinedRealm.java:201)
>>      at org.apache.catalina.util.LifecycleBase.start(
>> LifecycleBase.java:150)
>>      at org.apache.catalina.core.StandardContext.startInternal(
>> StandardContext.java:5373)
>>      at org.apache.catalina.util.LifecycleBase.start(
>> LifecycleBase.java:150)
>>      at org.apache.catalina.core.ContainerBase.addChildInternal(
>> ContainerBase.java:901)
>>      at org.apache.catalina.core.ContainerBase.addChild(
>> ContainerBase.java:877)
>>      at org.apache.catalina.core.StandardHost.addChild(
>> StandardHost.java:649)
>>      at org.apache.catalina.startup.HostConfig.deployDirectory(
>> HostConfig.java:1247)
>>      at org.apache.catalina.startup.HostConfig$DeployDirectory.
>> run(HostConfig.java:1898)
>>      at java.util.concurrent.Executors$RunnableAdapter.
>> call(Executors.java:511)
>>      at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>>      at java.util.concurrent.ThreadPoolExecutor.runWorker(
>> ThreadPoolExecutor.java:1142)
>>      at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>> ThreadPoolExecutor.java:617)
>>      at java.lang.Thread.run(Thread.java:745)
>> Caused by: org.apache.catalina.LifecycleException: Exception opening
>> directory server connection
>>      at org.apache.catalina.realm.JNDIRealm.startInternal(
>> JNDIRealm.java:2191)
>>      at org.apache.catalina.util.LifecycleBase.start(
>> LifecycleBase.java:150)
>>      ... 14 more
>> Caused by: javax.naming.CommunicationException: localhost:389 [Root
>> exception is java.net.ConnectException: Connection refused: connect]
>>      at com.sun.jndi.ldap.Connection.<init>(Connection.java:216)
>>      at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
>>      at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
>>      at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
>>      at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
>>      at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(
>> LdapCtxFactory.java:70)
>>      at javax.naming.spi.NamingManager.getInitialContext(
>> NamingManager.java:684)
>>      at javax.naming.InitialContext.getDefaultInitCtx(
>> InitialContext.java:313)
>>      at javax.naming.InitialContext.init(InitialContext.java:244)
>>      at javax.naming.InitialContext.<init>(InitialContext.java:216)
>>      at javax.naming.directory.InitialDirContext.<init>(
>> InitialDirContext.java:101)
>>      at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
>>      at org.apache.catalina.realm.JNDIRealm.startInternal(
>> JNDIRealm.java:2189)
>>      ... 15 more
>> Caused by: java.net.ConnectException: Connection refused: connect
>>      at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
>>      at java.net.AbstractPlainSocketImpl.doConnect(
>> AbstractPlainSocketImpl.java:350)
>>      at java.net.AbstractPlainSocketImpl.connectToAddress(
>> AbstractPlainSocketImpl.java:206)
>>      at java.net.AbstractPlainSocketImpl.connect(
>> AbstractPlainSocketImpl.java:188)
>>      at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
>>      at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
>>      at java.net.Socket.connect(Socket.java:589)
>>      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>      at sun.reflect.NativeMethodAccessorImpl.invoke(
>> NativeMethodAccessorImpl.java:62)
>>      at sun.reflect.DelegatingMethodAccessorImpl.invoke(
>> DelegatingMethodAccessorImpl.java:43)
>>      at java.lang.reflect.Method.invoke(Method.java:498)
>>      at com.sun.jndi.ldap.Connection.createSocket(Connection.java:350)
>>      at com.sun.jndi.ldap.Connection.<init>(Connection.java:203)
>>      ... 27 more
>> 
>> 2018-04-02 20:34:35,059 INFO org.apache.catalina.startup.HostConfig -
>> Deployment of web application directory D:\xxx\webapps\ROOT has
>> finished in 7,766 ms
>> 2018-04-02 20:34:35,075 INFO
>> org.apache.coyote.http11.Http11AprProtocol - Starting ProtocolHandler
>> ["http-apr-18110"]
>> 2018-04-02 20:34:35,091 INFO org.apache.coyote.ajp.AjpAprProtocol -
>> Starting ProtocolHandler ["ajp-apr-18111"]
>> 2018-04-02 20:34:35,091 INFO org.apache.catalina.startup.Catalina -
>> Server startup in 235096 ms
>> 
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>> 
>> 

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message