Gareth, >From the error message > org.springframework.ldap.CommunicationException: simple bind failed: > ****.***.ac.uk:389; nested exception is javax.naming.CommunicationException: > simple bind failed: ****.***.ac.uk:389 [Root exception is > javax.net.ssl.SSLHandshakeException: Remote host closed connection during > handshake]
Something doesn't add up here. You try a secure LDAPS handshake on port 389. Normally Ldaps is handled on 636 I think. Your connection string should start with ldap:// instead of leaps:// or you need to change your port for secure ldap. Also if you want to do secure ldap you need to import the Windows security certificate so that it is trusted by your java engine (I think that bit is mentioned somewhere in the docs if I remember correctly). -- Rene On 10 Feb 2011, at 10:02, Gareth Mitchell wrote: > Hello, > > Right, I tested LDAP and bind unsecured from one of our member servers to the > original DC I was querying and also a second DC and returned queries without > a problem, then I tried changing the target DC in CAS to the second DC and > got the following error: > > Is this purely a communication error, it seems to suggest the use of SSL when > I had specified the unsecured LDAP port, somewhat confused. > > Many thanks > > Gareth > > HTTP Status 500 - > > -------------------------------------------------------------------------------- > > type Exception report > > message > > description The server encountered an internal error () that prevented it > from fulfilling this request. > > exception > > org.springframework.web.util.NestedServletException: Request processing > failed; nested exception is > org.springframework.webflow.engine.ActionExecutionException: Exception thrown > executing [AnnotatedAction@1933acb targetAction = > org.jasig.cas.web.flow.AuthenticationViaFormAction@d337d3, attributes = > map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' -- > action execution attributes were 'map['method' -> 'submit']'; nested > exception is org.springframework.ldap.CommunicationException: simple bind > failed: ****.***.ac.uk:389; nested exception is > javax.naming.CommunicationException: simple bind failed: ****.***.ac.uk:389 > [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed > connection during handshake] > > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:583) > > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511) > javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) > > org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) > > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) > > > root cause > > org.springframework.webflow.engine.ActionExecutionException: Exception thrown > executing [AnnotatedAction@1933acb targetAction = > org.jasig.cas.web.flow.AuthenticationViaFormAction@d337d3, attributes = > map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' -- > action execution attributes were 'map['method' -> 'submit']'; nested > exception is org.springframework.ldap.CommunicationException: simple bind > failed: ****.***.ac.uk:389; nested exception is > javax.naming.CommunicationException: simple bind failed: ****.***.ac.uk:389 > [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed > connection during handshake] > > org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:64) > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:156) > org.springframework.webflow.engine.State.enter(State.java:191) > > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:161) > org.springframework.webflow.engine.State.enter(State.java:191) > > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:202) > > org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:222) > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:111) > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165) > > org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) > > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875) > > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807) > > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571) > > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511) > javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) > > org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) > > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) > > > root cause > > org.springframework.ldap.CommunicationException: simple bind failed: > ****.***.ac.uk:389; nested exception is javax.naming.CommunicationException: > simple bind failed: ****.***.ac.uk:389 [Root exception is > javax.net.ssl.SSLHandshakeException: Remote host closed connection during > handshake] > > org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:98) > > org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266) > > org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) > > org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:125) > > org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:287) > > org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:361) > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:66) > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:56) > > org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:71) > > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:88) > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:417) > > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107) > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > Source) > java.lang.reflect.Method.invoke(Unknown Source) > > org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:99) > > org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:133) > > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:192) > > org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:146) > > org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:59) > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:156) > org.springframework.webflow.engine.State.enter(State.java:191) > > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:161) > org.springframework.webflow.engine.State.enter(State.java:191) > > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:202) > > org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:222) > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:111) > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165) > > org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) > > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875) > > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807) > > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571) > > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511) > javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) > > org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) > > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) > > > root cause > > javax.naming.CommunicationException: simple bind failed: ****.***.ac.uk:389 > [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed > connection during handshake] > com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source) > com.sun.jndi.ldap.LdapCtx.connect(Unknown Source) > com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source) > com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source) > com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source) > com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown > Source) > com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown > Source) > javax.naming.spi.NamingManager.getInitialContext(Unknown > Source) > javax.naming.InitialContext.getDefaultInitCtx(Unknown Source) > javax.naming.InitialContext.init(Unknown Source) > javax.naming.ldap.InitialLdapContext.<init>(Unknown Source) > > org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:43) > > org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:254) > > org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) > > org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:125) > > org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:287) > > org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:361) > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:66) > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:56) > > org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:71) > > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:88) > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:417) > > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107) > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) > sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown > Source) > java.lang.reflect.Method.invoke(Unknown Source) > > org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:99) > > org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:133) > > org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:192) > > org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:146) > > org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:59) > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:156) > org.springframework.webflow.engine.State.enter(State.java:191) > > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > > org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:161) > org.springframework.webflow.engine.State.enter(State.java:191) > > org.springframework.webflow.engine.Transition.execute(Transition.java:212) > > org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:107) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:534) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:205) > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:202) > > org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:222) > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:111) > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:165) > > org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48) > > org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875) > > org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807) > > org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571) > > org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511) > javax.servlet.http.HttpServlet.service(HttpServlet.java:637) > javax.servlet.http.HttpServlet.service(HttpServlet.java:717) > > org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) > > org.inspektr.common.web.ClientInfoThreadLocalFilter.doFilterInternal(ClientInfoThreadLocalFilter.java:48) > > org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:76) > > > root cause > > javax.net.ssl.SSLHandshakeException: Remote host closed connection during > handshake > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown > Source) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown > Source) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source) > com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown > Source) > java.io.BufferedInputStream.fill(Unknown Source) > java.io.BufferedInputStream.read1(Unknown Source) > java.io.BufferedInputStream.read(Unknown Source) > com.sun.jndi.ldap.Connection.run(Unknown Source) > java.lang.Thread.run(Unknown Source) > > > root cause > > java.io.EOFException: SSL peer shut down incorrectly > com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source) > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown > Source) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown > Source) > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(Unknown Source) > com.sun.net.ssl.internal.ssl.AppInputStream.read(Unknown > Source) > java.io.BufferedInputStream.fill(Unknown Source) > java.io.BufferedInputStream.read1(Unknown Source) > java.io.BufferedInputStream.read(Unknown Source) > com.sun.jndi.ldap.Connection.run(Unknown Source) > java.lang.Thread.run(Unknown Source) > > > note The full stack trace of the root cause is available in the Apache > Tomcat/6.0.20 logs. > > > -------------------------------------------------------------------------------- > > Apache Tomcat/6.0.20 > > > > > > This message has been scanned for malware by Websense. www.websense.com > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user Rene Schaetzl Director of ICT Services Varndean School -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
