Re: Is LDAP connection failing?

2018-04-19 Thread Suvendu Sekhar Mondal 
On Wed, Apr 11, 2018, 3:00 PM Felix Schumacher <
felix.schumac...@internetallee.de> wrote:

> Am 05.04.2018 15:32, schrieb Suvendu Sekhar Mondal:
> > Hello Everyone,
> >
> > Recently in one of our environments I am seeing following log in
> > Catalina.out. It seems that LDAP connection is failing. This issue is
> > sporadic and goes away with Tomcat recycle.
> >
> > One interesting thing is "localhost:389" part. I could not find out
> > any configuration related to that. It could happen that I am not
> > looking at the correct place.
> >
> > We have 200+ JVMs out there which were starting up simultaneously but
> > this happens for some of them sporadically. I suspect that some race
> > condition might be causing this failure but could not found any
> > evidence so far. Can someone please suggest how can I identify what is
> > failing? and why it is failing?
>
> It would be nice to include the version of tomcat you are using.
> (I am guessing it is something like 7.0.55 as the source code matches
> the line
> numbers in the stacktrace)
>

Felix,

Sorry, I should have given that info upfront. You are correct. I'm using
7.0.55.

If it is this version, then the message will be generated, when your
> ldap server
> configured by connectionURL is not reachable on startup. Tomcat will try
> to
> connect to the ldap server configured by alternateURL. It seems to me,
> that
> you have not configured one (again guessing, as you didn't give
> configuration
> details). In that case the jre is using localhost:389 and as there is no
> LDAP server listening you get the exception.
>

You are right. We don't have any alternate URL configured. So, work around
we are using is to start those JVMs in batches. We are working on to tune
LDAP as well as to get alternate URL.

Thank you for the lead. Appreciate it! :)

>
> Regards,
>   Felix
> >
> > Thanks!
> > Suvendu
> >
> > Stack trace:
> > 2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
> > Deploying web application directory D:\xxx\webapps\ROOT
> > 2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
> > - Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
> > org.apache.catalina.LifecycleException: Failed to start component
> > [Realm[JNDIRealm]]
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
> >  at
> >
> org.apache.catalina.realm.CombinedRealm.startInternal(CombinedRealm.java:201)
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> >  at
> >
> org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5373)
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> >  at
> >
> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
> >  at
> > org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
> >  at
> > org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)
> >  at
> >
> org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1247)
> >  at
> >
> org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1898)
> >  at
> > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
> >  at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> >  at
> >
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> >  at
> >
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> >  at java.lang.Thread.run(Thread.java:745)
> > Caused by: org.apache.catalina.LifecycleException: Exception opening
> > directory server connection
> >  at
> > org.apache.catalina.realm.JNDIRealm.startInternal(JNDIRealm.java:2191)
> >  at
> > org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
> >  ... 14 more
> > Caused by: javax.naming.CommunicationException: localhost:389 [Root
> > exception is java.net.ConnectException: Connection refused: connect]
> >  at com.sun.jndi.ldap.Connection.(Connection.java:216)
> >  at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
> >  at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
> >  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
> >  at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
> >  at
> >
> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:70)
> >  at
> > javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
> >  at
> > javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
> >  at javax.naming.InitialContext.init(InitialContext.java:244)
> >  at javax.naming.InitialContext.(InitialContext.java:216)
> >  at
> >
> javax.naming.directory.InitialDirContext.(InitialDirContext.java:101)
> >  at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
> >  at
> >

Re: Is LDAP connection failing?

2018-04-13 Thread Luis Rodríguez Fernández 
Hello Felix,

Thanks for your feedback!

Actually I realized that with userPattern I do not need to declare neither
userBase nor userSubtree.

roleSubtree="true", indeed! Nevertheless with "1" was working for me
anyway...

Cheers,

Luis

2018-04-11 11:32 GMT+02:00 Felix Schumacher <
felix.schumac...@internetallee.de>:

> Hi Luis,
>
>
> Am 05.04.2018 18:50, schrieb Luis Rodríguez Fernández:
>
>> Hello Suvendu,
>>
>> May I ask you to share your JNDIRealm configuration?
>>
>> For me something like this works:
>>
>>  >  connectionURL="ldaps://my.users.directory.com:636"
>>  connectionName="CN=MY_BINDING_USER,OU=Users,OU=Organic
>> Units,DC=cern,DC=ch"
>>  connectionPassword="PASSWORD"
>>  userBase="OU=Users,OU=Organic Units,DC=cern,DC=ch"
>>  userSubtree="false"
>>  userPattern="cn={0},OU=Users,OU=Organic Units,DC=cern,DC=ch"
>>
>>  roleBase="OU=BASE_ORGANIZATION_UNIT_FOR_MY_GROUPS,OU=
>> Workgroups,DC=cern,DC=ch"
>>  roleSubtree="1"
>>  roleName="cn"
>>  roleSearch="((member={0})(objectclass=group))"
>> />
>>
>
> you are using userPattern to find users. In that case the userSubtree
> configuration
> will be ignored. roleSubtree should be either "true" or "false".
>
> Regards,
>  Felix
>
>
>
>> Hope it helps,
>>
>> Luis
>>
>>
>>
>>
>>
>>
>>
>>
>> 2018-04-05 15:32 GMT+02:00 Suvendu Sekhar Mondal :
>>
>> Hello Everyone,
>>>
>>> Recently in one of our environments I am seeing following log in
>>> Catalina.out. It seems that LDAP connection is failing. This issue is
>>> sporadic and goes away with Tomcat recycle.
>>>
>>> One interesting thing is "localhost:389" part. I could not find out
>>> any configuration related to that. It could happen that I am not
>>> looking at the correct place.
>>>
>>> We have 200+ JVMs out there which were starting up simultaneously but
>>> this happens for some of them sporadically. I suspect that some race
>>> condition might be causing this failure but could not found any
>>> evidence so far. Can someone please suggest how can I identify what is
>>> failing? and why it is failing?
>>>
>>> Thanks!
>>> Suvendu
>>>
>>> Stack trace:
>>> 2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
>>> Deploying web application directory D:\xxx\webapps\ROOT
>>> 2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
>>> - Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
>>> org.apache.catalina.LifecycleException: Failed to start component
>>> [Realm[JNDIRealm]]
>>>  at org.apache.catalina.util.LifecycleBase.start(
>>> LifecycleBase.java:154)
>>>  at org.apache.catalina.realm.CombinedRealm.startInternal(
>>> CombinedRealm.java:201)
>>>  at org.apache.catalina.util.LifecycleBase.start(
>>> LifecycleBase.java:150)
>>>  at org.apache.catalina.core.StandardContext.startInternal(
>>> StandardContext.java:5373)
>>>  at org.apache.catalina.util.LifecycleBase.start(
>>> LifecycleBase.java:150)
>>>  at org.apache.catalina.core.ContainerBase.addChildInternal(
>>> ContainerBase.java:901)
>>>  at org.apache.catalina.core.ContainerBase.addChild(
>>> ContainerBase.java:877)
>>>  at org.apache.catalina.core.StandardHost.addChild(
>>> StandardHost.java:649)
>>>  at org.apache.catalina.startup.HostConfig.deployDirectory(
>>> HostConfig.java:1247)
>>>  at org.apache.catalina.startup.HostConfig$DeployDirectory.
>>> run(HostConfig.java:1898)
>>>  at java.util.concurrent.Executors$RunnableAdapter.
>>> call(Executors.java:511)
>>>  at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>>>  at java.util.concurrent.ThreadPoolExecutor.runWorker(
>>> ThreadPoolExecutor.java:1142)
>>>  at java.util.concurrent.ThreadPoolExecutor$Worker.run(
>>> ThreadPoolExecutor.java:617)
>>>  at java.lang.Thread.run(Thread.java:745)
>>> Caused by: org.apache.catalina.LifecycleException: Exception opening
>>> directory server connection
>>>  at org.apache.catalina.realm.JNDIRealm.startInternal(
>>> JNDIRealm.java:2191)
>>>  at org.apache.catalina.util.LifecycleBase.start(
>>> LifecycleBase.java:150)
>>>  ... 14 more
>>> Caused by: javax.naming.CommunicationException: localhost:389 [Root
>>> exception is java.net.ConnectException: Connection refused: connect]
>>>  at com.sun.jndi.ldap.Connection.(Connection.java:216)
>>>  at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
>>>  at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
>>>  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
>>>  at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
>>>  at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(
>>> LdapCtxFactory.java:70)
>>>  at javax.naming.spi.NamingManager.getInitialContext(
>>> NamingManager.java:684)
>>>  at javax.naming.InitialContext.getDefaultInitCtx(
>>> InitialContext.java:313)
>>>  at javax.naming.InitialContext.init(InitialContext.java:244)
>>>  at

Re: Is LDAP connection failing?

2018-04-11 Thread Felix Schumacher 

Hi Luis,


Am 05.04.2018 18:50, schrieb Luis Rodríguez Fernández:

Hello Suvendu,

May I ask you to share your JNDIRealm configuration?

For me something like this works:

  
roleBase="OU=BASE_ORGANIZATION_UNIT_FOR_MY_GROUPS,OU=Workgroups,DC=cern,DC=ch"

 roleSubtree="1"
 roleName="cn"
 roleSearch="((member={0})(objectclass=group))"
/>


you are using userPattern to find users. In that case the userSubtree 
configuration

will be ignored. roleSubtree should be either "true" or "false".

Regards,
 Felix



Hope it helps,

Luis








2018-04-05 15:32 GMT+02:00 Suvendu Sekhar Mondal :


Hello Everyone,

Recently in one of our environments I am seeing following log in
Catalina.out. It seems that LDAP connection is failing. This issue is
sporadic and goes away with Tomcat recycle.

One interesting thing is "localhost:389" part. I could not find out
any configuration related to that. It could happen that I am not
looking at the correct place.

We have 200+ JVMs out there which were starting up simultaneously but
this happens for some of them sporadically. I suspect that some race
condition might be causing this failure but could not found any
evidence so far. Can someone please suggest how can I identify what is
failing? and why it is failing?

Thanks!
Suvendu

Stack trace:
2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
Deploying web application directory D:\xxx\webapps\ROOT
2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
- Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
org.apache.catalina.LifecycleException: Failed to start component
[Realm[JNDIRealm]]
 at org.apache.catalina.util.LifecycleBase.start(
LifecycleBase.java:154)
 at org.apache.catalina.realm.CombinedRealm.startInternal(
CombinedRealm.java:201)
 at org.apache.catalina.util.LifecycleBase.start(
LifecycleBase.java:150)
 at org.apache.catalina.core.StandardContext.startInternal(
StandardContext.java:5373)
 at org.apache.catalina.util.LifecycleBase.start(
LifecycleBase.java:150)
 at org.apache.catalina.core.ContainerBase.addChildInternal(
ContainerBase.java:901)
 at org.apache.catalina.core.ContainerBase.addChild(
ContainerBase.java:877)
 at org.apache.catalina.core.StandardHost.addChild(
StandardHost.java:649)
 at org.apache.catalina.startup.HostConfig.deployDirectory(
HostConfig.java:1247)
 at org.apache.catalina.startup.HostConfig$DeployDirectory.
run(HostConfig.java:1898)
 at java.util.concurrent.Executors$RunnableAdapter.
call(Executors.java:511)
 at java.util.concurrent.FutureTask.run(FutureTask.java:266)
 at java.util.concurrent.ThreadPoolExecutor.runWorker(
ThreadPoolExecutor.java:1142)
 at java.util.concurrent.ThreadPoolExecutor$Worker.run(
ThreadPoolExecutor.java:617)
 at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.catalina.LifecycleException: Exception opening
directory server connection
 at org.apache.catalina.realm.JNDIRealm.startInternal(
JNDIRealm.java:2191)
 at org.apache.catalina.util.LifecycleBase.start(
LifecycleBase.java:150)
 ... 14 more
Caused by: javax.naming.CommunicationException: localhost:389 [Root
exception is java.net.ConnectException: Connection refused: connect]
 at com.sun.jndi.ldap.Connection.(Connection.java:216)
 at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
 at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
 at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
 at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
 at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(
LdapCtxFactory.java:70)
 at javax.naming.spi.NamingManager.getInitialContext(
NamingManager.java:684)
 at javax.naming.InitialContext.getDefaultInitCtx(
InitialContext.java:313)
 at javax.naming.InitialContext.init(InitialContext.java:244)
 at javax.naming.InitialContext.(InitialContext.java:216)
 at javax.naming.directory.InitialDirContext.(
InitialDirContext.java:101)
 at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
 at org.apache.catalina.realm.JNDIRealm.startInternal(
JNDIRealm.java:2189)
 ... 15 more
Caused by: java.net.ConnectException: Connection refused: connect
 at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
 at java.net.AbstractPlainSocketImpl.doConnect(
AbstractPlainSocketImpl.java:350)
 at java.net.AbstractPlainSocketImpl.connectToAddress(
AbstractPlainSocketImpl.java:206)
 at java.net.AbstractPlainSocketImpl.connect(
AbstractPlainSocketImpl.java:188)
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
 at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
 at java.net.Socket.connect(Socket.java:589)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(
NativeMethodAccessorImpl.java:62)
 at

Re: Is LDAP connection failing?

2018-04-11 Thread Felix Schumacher 

Am 05.04.2018 15:32, schrieb Suvendu Sekhar Mondal:

Hello Everyone,

Recently in one of our environments I am seeing following log in
Catalina.out. It seems that LDAP connection is failing. This issue is
sporadic and goes away with Tomcat recycle.

One interesting thing is "localhost:389" part. I could not find out
any configuration related to that. It could happen that I am not
looking at the correct place.

We have 200+ JVMs out there which were starting up simultaneously but
this happens for some of them sporadically. I suspect that some race
condition might be causing this failure but could not found any
evidence so far. Can someone please suggest how can I identify what is
failing? and why it is failing?


It would be nice to include the version of tomcat you are using.
(I am guessing it is something like 7.0.55 as the source code matches 
the line

numbers in the stacktrace)

If it is this version, then the message will be generated, when your 
ldap server
configured by connectionURL is not reachable on startup. Tomcat will try 
to
connect to the ldap server configured by alternateURL. It seems to me, 
that
you have not configured one (again guessing, as you didn't give 
configuration

details). In that case the jre is using localhost:389 and as there is no
LDAP server listening you get the exception.

Regards,
 Felix



Thanks!
Suvendu

Stack trace:
2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
Deploying web application directory D:\xxx\webapps\ROOT
2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
- Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
org.apache.catalina.LifecycleException: Failed to start component
[Realm[JNDIRealm]]
 at 
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)

 at
org.apache.catalina.realm.CombinedRealm.startInternal(CombinedRealm.java:201)
 at 
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)

 at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5373)
 at 
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)

 at
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
 at 
org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
 at 
org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)

 at
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1247)
 at
org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1898)
 at 
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)

 at java.util.concurrent.FutureTask.run(FutureTask.java:266)
 at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
 at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
 at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.catalina.LifecycleException: Exception opening
directory server connection
 at 
org.apache.catalina.realm.JNDIRealm.startInternal(JNDIRealm.java:2191)
 at 
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)

 ... 14 more
Caused by: javax.naming.CommunicationException: localhost:389 [Root
exception is java.net.ConnectException: Connection refused: connect]
 at com.sun.jndi.ldap.Connection.(Connection.java:216)
 at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
 at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
 at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
 at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
 at
com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:70)
 at 
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
 at 
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)

 at javax.naming.InitialContext.init(InitialContext.java:244)
 at javax.naming.InitialContext.(InitialContext.java:216)
 at
javax.naming.directory.InitialDirContext.(InitialDirContext.java:101)
 at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
 at 
org.apache.catalina.realm.JNDIRealm.startInternal(JNDIRealm.java:2189)

 ... 15 more
Caused by: java.net.ConnectException: Connection refused: connect
 at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
 at
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
 at
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
 at
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
 at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
 at java.net.Socket.connect(Socket.java:589)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at

Re: Is LDAP connection failing?

2018-04-05 Thread Luis Rodríguez Fernández 
Hello Suvendu,

May I ask you to share your JNDIRealm configuration?

For me something like this works:

 

Hope it helps,

Luis








2018-04-05 15:32 GMT+02:00 Suvendu Sekhar Mondal :

> Hello Everyone,
>
> Recently in one of our environments I am seeing following log in
> Catalina.out. It seems that LDAP connection is failing. This issue is
> sporadic and goes away with Tomcat recycle.
>
> One interesting thing is "localhost:389" part. I could not find out
> any configuration related to that. It could happen that I am not
> looking at the correct place.
>
> We have 200+ JVMs out there which were starting up simultaneously but
> this happens for some of them sporadically. I suspect that some race
> condition might be causing this failure but could not found any
> evidence so far. Can someone please suggest how can I identify what is
> failing? and why it is failing?
>
> Thanks!
> Suvendu
>
> Stack trace:
> 2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
> Deploying web application directory D:\xxx\webapps\ROOT
> 2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
> - Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
> org.apache.catalina.LifecycleException: Failed to start component
> [Realm[JNDIRealm]]
>  at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:154)
>  at org.apache.catalina.realm.CombinedRealm.startInternal(
> CombinedRealm.java:201)
>  at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
>  at org.apache.catalina.core.StandardContext.startInternal(
> StandardContext.java:5373)
>  at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
>  at org.apache.catalina.core.ContainerBase.addChildInternal(
> ContainerBase.java:901)
>  at org.apache.catalina.core.ContainerBase.addChild(
> ContainerBase.java:877)
>  at org.apache.catalina.core.StandardHost.addChild(
> StandardHost.java:649)
>  at org.apache.catalina.startup.HostConfig.deployDirectory(
> HostConfig.java:1247)
>  at org.apache.catalina.startup.HostConfig$DeployDirectory.
> run(HostConfig.java:1898)
>  at java.util.concurrent.Executors$RunnableAdapter.
> call(Executors.java:511)
>  at java.util.concurrent.FutureTask.run(FutureTask.java:266)
>  at java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1142)
>  at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:617)
>  at java.lang.Thread.run(Thread.java:745)
> Caused by: org.apache.catalina.LifecycleException: Exception opening
> directory server connection
>  at org.apache.catalina.realm.JNDIRealm.startInternal(
> JNDIRealm.java:2191)
>  at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
>  ... 14 more
> Caused by: javax.naming.CommunicationException: localhost:389 [Root
> exception is java.net.ConnectException: Connection refused: connect]
>  at com.sun.jndi.ldap.Connection.(Connection.java:216)
>  at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
>  at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
>  at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
>  at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
>  at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(
> LdapCtxFactory.java:70)
>  at javax.naming.spi.NamingManager.getInitialContext(
> NamingManager.java:684)
>  at javax.naming.InitialContext.getDefaultInitCtx(
> InitialContext.java:313)
>  at javax.naming.InitialContext.init(InitialContext.java:244)
>  at javax.naming.InitialContext.(InitialContext.java:216)
>  at javax.naming.directory.InitialDirContext.(
> InitialDirContext.java:101)
>  at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
>  at org.apache.catalina.realm.JNDIRealm.startInternal(
> JNDIRealm.java:2189)
>  ... 15 more
> Caused by: java.net.ConnectException: Connection refused: connect
>  at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
>  at java.net.AbstractPlainSocketImpl.doConnect(
> AbstractPlainSocketImpl.java:350)
>  at java.net.AbstractPlainSocketImpl.connectToAddress(
> AbstractPlainSocketImpl.java:206)
>  at java.net.AbstractPlainSocketImpl.connect(
> AbstractPlainSocketImpl.java:188)
>  at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
>  at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
>  at java.net.Socket.connect(Socket.java:589)
>  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>  at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
>  at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
>  at java.lang.reflect.Method.invoke(Method.java:498)
>  at com.sun.jndi.ldap.Connection.createSocket(Connection.java:350)
>  at

Is LDAP connection failing?

2018-04-05 Thread Suvendu Sekhar Mondal 
Hello Everyone,

Recently in one of our environments I am seeing following log in
Catalina.out. It seems that LDAP connection is failing. This issue is
sporadic and goes away with Tomcat recycle.

One interesting thing is "localhost:389" part. I could not find out
any configuration related to that. It could happen that I am not
looking at the correct place.

We have 200+ JVMs out there which were starting up simultaneously but
this happens for some of them sporadically. I suspect that some race
condition might be causing this failure but could not found any
evidence so far. Can someone please suggest how can I identify what is
failing? and why it is failing?

Thanks!
Suvendu

Stack trace:
2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
Deploying web application directory D:\xxx\webapps\ROOT
2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
- Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
org.apache.catalina.LifecycleException: Failed to start component
[Realm[JNDIRealm]]
 at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:154)
 at 
org.apache.catalina.realm.CombinedRealm.startInternal(CombinedRealm.java:201)
 at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
 at 
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5373)
 at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
 at 
org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:901)
 at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:877)
 at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:649)
 at 
org.apache.catalina.startup.HostConfig.deployDirectory(HostConfig.java:1247)
 at 
org.apache.catalina.startup.HostConfig$DeployDirectory.run(HostConfig.java:1898)
 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
 at java.util.concurrent.FutureTask.run(FutureTask.java:266)
 at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
 at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
 at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.catalina.LifecycleException: Exception opening
directory server connection
 at org.apache.catalina.realm.JNDIRealm.startInternal(JNDIRealm.java:2191)
 at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
 ... 14 more
Caused by: javax.naming.CommunicationException: localhost:389 [Root
exception is java.net.ConnectException: Connection refused: connect]
 at com.sun.jndi.ldap.Connection.(Connection.java:216)
 at com.sun.jndi.ldap.LdapClient.(LdapClient.java:137)
 at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
 at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
 at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:319)
 at 
com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:70)
 at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
 at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
 at javax.naming.InitialContext.init(InitialContext.java:244)
 at javax.naming.InitialContext.(InitialContext.java:216)
 at 
javax.naming.directory.InitialDirContext.(InitialDirContext.java:101)
 at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
 at org.apache.catalina.realm.JNDIRealm.startInternal(JNDIRealm.java:2189)
 ... 15 more
Caused by: java.net.ConnectException: Connection refused: connect
 at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
 at 
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
 at 
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
 at 
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
 at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
 at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
 at java.net.Socket.connect(Socket.java:589)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
 at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 at com.sun.jndi.ldap.Connection.createSocket(Connection.java:350)
 at com.sun.jndi.ldap.Connection.(Connection.java:203)
 ... 27 more

2018-04-02 20:34:35,059 INFO org.apache.catalina.startup.HostConfig -
Deployment of web application directory D:\xxx\webapps\ROOT has
finished in 7,766 ms
2018-04-02 20:34:35,075 INFO
org.apache.coyote.http11.Http11AprProtocol - Starting ProtocolHandler
["http-apr-18110"]
2018-04-02 20:34:35,091 INFO org.apache.coyote.ajp.AjpAprProtocol -
Starting ProtocolHandler ["ajp-apr-18111"]