Thanks Phil i will check the logfile of the firewall (checkpoint).
2008/2/22, Ames, Phillip <[EMAIL PROTECTED]>: > > Is your firewall stateful? Does CAS open a persistent LDAP > connection? If so, and it does not send any data through that connection > for 'N' seconds where 'N' is the maximum idle time (when no packets are > sent) before your firewall removes that session from its session table, you > could be seeing a session expiration issue. The resulting effect would be > that the firewall would drop all packets sent after 'N' idle seconds since > it cannot find that session in its session table. CAS would need to > reconnect to the LDAP server (going through the whole TCP 3-way handshake). > > In short, check your firewall logs to see if anything shows up involving > the CAS server and your LDAP server. > > -Phil > > > -----Original Message----- > From: [EMAIL PROTECTED] on behalf of Tarik Arrad > Sent: Thu 2/21/2008 5:08 PM > To: [email protected] > Subject: openldap behind firewall > > Hi all, > i have a problem with my cas authentication, on my architecture i have 2 > cas > server 3.1 as front-end and 2 openldap server as back-end behind a > firewall, > everything works fine but from time to time i have this error message : > > ** > *exception* > > org.springframework.web.util.NestedServletException: Request > processing failed; nested exception is > org.springframework.webflow.engine.ActionExecutionException: Exception > thrown executing [EMAIL PROTECTED] targetAction = > [EMAIL PROTECTED], > attributes = map['method' -> 'submit']] in state 'submit' of flow > 'login-webflow' -- action execution attributes were 'map['method' -> > 'submit']'; nested exception is > org.springframework.ldap.UncategorizedLdapException: Operation failed; > nested exception is javax.naming.ServiceUnavailableException: > 10.127.11.12:389; socket closed; remaining name 'dc=mooja,dc=ma' > org.springframework.web.servlet.FrameworkServlet.processRequest( > FrameworkServlet.java:487) > org.springframework.web.servlet.FrameworkServlet.doPost( > FrameworkServlet.java:440) > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > org.jasig.cas.web.init.SafeDispatcherServlet.service( > SafeDispatcherServlet.java:115) > > *cause mère* > > org.springframework.webflow.engine.ActionExecutionException: Exception > thrown executing [EMAIL PROTECTED] targetAction = > [EMAIL PROTECTED], > attributes = map['method' -> 'submit']] in state 'submit' of flow > 'login-webflow' -- action execution attributes were 'map['method' -> > 'submit']'; nested exception is > org.springframework.ldap.UncategorizedLdapException: Operation failed; > nested exception is javax.naming.ServiceUnavailableException: > 10.127.11.12:389; socket closed; remaining name 'dc=mooja,dc=ma' > org.springframework.webflow.engine.ActionExecutor.execute( > ActionExecutor.java:68) > org.springframework.webflow.engine.ActionState.doEnter( > ActionState.java:180) > org.springframework.webflow.engine.State.enter(State.java:200) > org.springframework.webflow.engine.Transition.execute( > Transition.java:229) > org.springframework.webflow.engine.TransitionableState.onEvent( > TransitionableState.java:112) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > (RequestControlContextImpl.java:208) > org.springframework.webflow.engine.ActionState.doEnter( > ActionState.java:185) > org.springframework.webflow.engine.State.enter(State.java:200) > org.springframework.webflow.engine.Transition.execute( > Transition.java:229) > org.springframework.webflow.engine.TransitionableState.onEvent( > TransitionableState.java:112) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > (RequestControlContextImpl.java:208) > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent( > FlowExecutionImpl.java:214) > org.springframework.webflow.executor.FlowExecutorImpl.resume( > FlowExecutorImpl.java:245) > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest > (FlowRequestHandler.java:115) > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal > (FlowController.java:172) > > org.springframework.web.servlet.mvc.AbstractController.handleRequest( > AbstractController.java:153) > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle( > SimpleControllerHandlerAdapter.java:48) > org.springframework.web.servlet.DispatcherServlet.doDispatch( > DispatcherServlet.java:857) > org.springframework.web.servlet.DispatcherServlet.doService( > DispatcherServlet.java:792) > org.springframework.web.servlet.FrameworkServlet.processRequest( > FrameworkServlet.java:475) > org.springframework.web.servlet.FrameworkServlet.doPost( > FrameworkServlet.java:440) > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > org.jasig.cas.web.init.SafeDispatcherServlet.service( > SafeDispatcherServlet.java:115) > > *cause mère* > > org.springframework.ldap.UncategorizedLdapException: Operation failed; > nested exception is javax.naming.ServiceUnavailableException: > 10.127.11.12:389; socket closed; remaining name 'dc=mooja,dc=ma' > org.springframework.ldap.DefaultNamingExceptionTranslator.translate > (DefaultNamingExceptionTranslator.java:93) > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:287) > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314) > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal > (BindLdapAuthenticationHandler.java:67) > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication > (AbstractUsernamePasswordAuthenticationHandler.java:56) > > org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate > (AbstractPreAndPostProcessingAuthenticationHandler.java:58) > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate > (AuthenticationManagerImpl.java:84) > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket( > CentralAuthenticationServiceImpl.java:383) > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit( > AuthenticationViaFormAction.java:107) > sun.reflect.GeneratedMethodAccessor60.invoke(Unknown Source) > sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:25) > java.lang.reflect.Method.invoke(Method.java:597) > org.springframework.webflow.util.DispatchMethodInvoker.invoke( > DispatchMethodInvoker.java:103) > org.springframework.webflow.action.MultiAction.doExecute( > MultiAction.java:136) > org.springframework.webflow.action.AbstractAction.execute( > AbstractAction.java:203) > org.springframework.webflow.engine.AnnotatedAction.execute( > AnnotatedAction.java:142) > org.springframework.webflow.engine.ActionExecutor.execute( > ActionExecutor.java:61) > org.springframework.webflow.engine.ActionState.doEnter( > ActionState.java:180) > org.springframework.webflow.engine.State.enter(State.java:200) > org.springframework.webflow.engine.Transition.execute( > Transition.java:229) > org.springframework.webflow.engine.TransitionableState.onEvent( > TransitionableState.java:112) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > (RequestControlContextImpl.java:208) > org.springframework.webflow.engine.ActionState.doEnter( > ActionState.java:185) > org.springframework.webflow.engine.State.enter(State.java:200) > org.springframework.webflow.engine.Transition.execute( > Transition.java:229) > org.springframework.webflow.engine.TransitionableState.onEvent( > TransitionableState.java:112) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > (RequestControlContextImpl.java:208) > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent( > FlowExecutionImpl.java:214) > org.springframework.webflow.executor.FlowExecutorImpl.resume( > FlowExecutorImpl.java:245) > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest > (FlowRequestHandler.java:115) > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal > (FlowController.java:172) > > org.springframework.web.servlet.mvc.AbstractController.handleRequest( > AbstractController.java:153) > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle( > SimpleControllerHandlerAdapter.java:48) > org.springframework.web.servlet.DispatcherServlet.doDispatch( > DispatcherServlet.java:857) > org.springframework.web.servlet.DispatcherServlet.doService( > DispatcherServlet.java:792) > org.springframework.web.servlet.FrameworkServlet.processRequest( > FrameworkServlet.java:475) > org.springframework.web.servlet.FrameworkServlet.doPost( > FrameworkServlet.java:440) > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > org.jasig.cas.web.init.SafeDispatcherServlet.service( > SafeDispatcherServlet.java:115) > > *cause mère* > > javax.naming.ServiceUnavailableException: 10.127.11.12:389; socket > closed; remaining name 'dc=mooja,dc=ma' > com.sun.jndi.ldap.Connection.readReply(Connection.java:416) > com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:611) > com.sun.jndi.ldap.LdapClient.search(LdapClient.java:534) > com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1948) > com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1810) > com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1735) > com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search( > ComponentDirContext.java:368) > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search( > PartialCompositeDirContext.java:338) > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search( > PartialCompositeDirContext.java:321) > javax.naming.directory.InitialDirContext.search( > InitialDirContext.java:248) > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler$1.executeSearch( > BindLdapAuthenticationHandler.java:71) > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:268) > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314) > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal > (BindLdapAuthenticationHandler.java:67) > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication > (AbstractUsernamePasswordAuthenticationHandler.java:56) > > org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate > (AbstractPreAndPostProcessingAuthenticationHandler.java:58) > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate > (AuthenticationManagerImpl.java:84) > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket( > CentralAuthenticationServiceImpl.java:383) > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit( > AuthenticationViaFormAction.java:107) > sun.reflect.GeneratedMethodAccessor60.invoke(Unknown Source) > sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:25) > java.lang.reflect.Method.invoke(Method.java:597) > org.springframework.webflow.util.DispatchMethodInvoker.invoke( > DispatchMethodInvoker.java:103) > org.springframework.webflow.action.MultiAction.doExecute( > MultiAction.java:136) > org.springframework.webflow.action.AbstractAction.execute( > AbstractAction.java:203) > org.springframework.webflow.engine.AnnotatedAction.execute( > AnnotatedAction.java:142) > org.springframework.webflow.engine.ActionExecutor.execute( > ActionExecutor.java:61) > org.springframework.webflow.engine.ActionState.doEnter( > ActionState.java:180) > org.springframework.webflow.engine.State.enter(State.java:200) > org.springframework.webflow.engine.Transition.execute( > Transition.java:229) > org.springframework.webflow.engine.TransitionableState.onEvent( > TransitionableState.java:112) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > (RequestControlContextImpl.java:208) > org.springframework.webflow.engine.ActionState.doEnter( > ActionState.java:185) > org.springframework.webflow.engine.State.enter(State.java:200) > org.springframework.webflow.engine.Transition.execute( > Transition.java:229) > org.springframework.webflow.engine.TransitionableState.onEvent( > TransitionableState.java:112) > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > (RequestControlContextImpl.java:208) > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent( > FlowExecutionImpl.java:214) > org.springframework.webflow.executor.FlowExecutorImpl.resume( > FlowExecutorImpl.java:245) > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest > (FlowRequestHandler.java:115) > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal > (FlowController.java:172) > > org.springframework.web.servlet.mvc.AbstractController.handleRequest( > AbstractController.java:153) > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle( > SimpleControllerHandlerAdapter.java:48) > org.springframework.web.servlet.DispatcherServlet.doDispatch( > DispatcherServlet.java:857) > org.springframework.web.servlet.DispatcherServlet.doService( > DispatcherServlet.java:792) > org.springframework.web.servlet.FrameworkServlet.processRequest( > FrameworkServlet.java:475) > org.springframework.web.servlet.FrameworkServlet.doPost( > FrameworkServlet.java:440) > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > org.jasig.cas.web.init.SafeDispatcherServlet.service( > SafeDispatcherServlet.java:115) > > I need your help > Thanks. > > Tarik Arrad > > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
