On Thu, Jun 22, 2017 at 9:18 AM, David Hübner <[email protected]> wrote:
> Fast forward to authentication. There is a timeout when reading the LDAP
> response. So essentially there never is a response. See the log below for
> this part:
>
> 2017-06-22 15:07:13,564 DEBUG [org.ldaptive.SearchOperation] - <execute
> request=[org.ldaptive.SearchRequest@1990922963::baseDn=dc=example,dc=org,
> searchFilter=[org.ldaptive.SearchFilter@538592870::filter=uid={user},
> parameters={context=null, user=t.benutzer}], returnAttributes=[1.1],
> searchScope=SUBTREE, timeLimit=PT0S, sizeLimit=0, derefAliases=null,
> typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED,
> searchEntryHandlers=null, searchReferenceHandlers=null, controls=null,
> referralHandler=null, intermediateResponseHandlers=null] with
> connection=[org.ldaptive.DefaultConnectionFactory$DefaultCon
> nection@1341165364::config=[org.ldaptive.ConnectionConfig@
> 1707652548::ldapUrl=ldap://openldap-1.daasi.prj:3890,
> connectTimeout=PT5S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.Ss
> lConfig@215657008::credentialConfig=null, trustManagers=null,
> enabledCipherSuites=null, enabledProtocols=null,
> handshakeCompletedListeners=null], useSSL=false, useStartTLS=false,
> connectionInitializer=[org.ldaptive.BindConnectionInitializer@983570221
> ::bindDn=cn=manager,dc=example,dc=org, bindSaslConfig=null,
> bindControls=null], connectionStrategy=org.ldaptiv
> e.DefaultConnectionStrategy@36e4c967], providerConnectionFactory=[org
> .ldaptive.provider.jndi.JndiConnectionFactory@1968431256::
> metadata=[ldapUrl=ldap://openldap-1.daasi.prj:3890, count=1],
> environment={com.sun.jndi.ldap.connect.timeout=5000,
> java.naming.ldap.version=3, java.naming.factory.initial=co
> m.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.read.timeout=5000},
> classLoader=null, providerConfig=[org.ldaptive.p
> rovider.jndi.JndiProviderConfig@1701617828::operationExceptionResultCodes=[PROTOCOL_ERROR,
> SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.
> provider.ControlProcessor@622e959f, environment=null, tracePackets=null,
> removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED,
> SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], classLoader=null,
> sslSocketFactory=null, hostnameVerifier=null]],
> providerConnection=org.ldaptive.provider.jndi.JndiConnection@296c3fc1]>
> 2017-06-22 15:07:18,748 DEBUG
> [org.ldaptive.provider.jndi.NamingExceptionUtils]
> - <naming exception class javax.naming.NamingException is ambiguous, maps
> to multiple result codes: [OPERATIONS_ERROR, ALIAS_PROBLEM,
> ALIAS_DEREFERENCING_PROBLEM, LOOP_DETECT, AFFECTS_MULTIPLE_DSAS, OTHER]>
> 2017-06-22 15:07:18,760 ERROR [org.apereo.cas.authentication
> .PolicyBasedAuthenticationManager] - <[LdapAuthenticationHandler]:
> [Unexpected LDAP error] (Details: [javax.naming.NamingException: LDAP
> response read timed out, timeout used:5000ms.; remaining name
> 'dc=example,dc=org'])>
> 2017-06-22 15:07:18,761 WARN [org.apereo.cas.authentication
> .PolicyBasedAuthenticationManager] - <Authentication has failed.
> Credentials may be incorrect or CAS cannot find authentication handler that
> supports [t.benutzer] of type [UsernamePasswordCredential], which suggests
> a configuration problem.>
>
>
What does your pooling configuration look like?
--Daniel Fisher
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFC6YwSRiODiTw6%3DvyftVaG3ft2txp3UFhFPp17ucDtFzYf-9A%40mail.gmail.com.
