the firewall is statuful, is there any special configuration to do on cas server or openldap?
2008/2/22, Tarik Arrad <[EMAIL PROTECTED]>: > > Thanks Phil i will check the logfile of the firewall (checkpoint). > > 2008/2/22, Ames, Phillip <[EMAIL PROTECTED]>: > > > > Is your firewall stateful? Does CAS open a persistent LDAP > > connection? If so, and it does not send any data through that connection > > for 'N' seconds where 'N' is the maximum idle time (when no packets are > > sent) before your firewall removes that session from its session table, you > > could be seeing a session expiration issue. The resulting effect would be > > that the firewall would drop all packets sent after 'N' idle seconds since > > it cannot find that session in its session table. CAS would need to > > reconnect to the LDAP server (going through the whole TCP 3-way handshake). > > > > In short, check your firewall logs to see if anything shows up involving > > the CAS server and your LDAP server. > > > > -Phil > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] on behalf of Tarik Arrad > > Sent: Thu 2/21/2008 5:08 PM > > To: [email protected] > > Subject: openldap behind firewall > > > > Hi all, > > i have a problem with my cas authentication, on my architecture i have 2 > > cas > > server 3.1 as front-end and 2 openldap server as back-end behind a > > firewall, > > everything works fine but from time to time i have this error message : > > > > ** > > *exception* > > > > org.springframework.web.util.NestedServletException: Request > > processing failed; nested exception is > > org.springframework.webflow.engine.ActionExecutionException: Exception > > thrown executing [EMAIL PROTECTED] targetAction = > > [EMAIL PROTECTED], > > attributes = map['method' -> 'submit']] in state 'submit' of flow > > 'login-webflow' -- action execution attributes were 'map['method' -> > > 'submit']'; nested exception is > > org.springframework.ldap.UncategorizedLdapException: Operation failed; > > nested exception is javax.naming.ServiceUnavailableException: > > 10.127.11.12:389; socket closed; remaining name 'dc=mooja,dc=ma' > > org.springframework.web.servlet.FrameworkServlet.processRequest( > > FrameworkServlet.java:487) > > org.springframework.web.servlet.FrameworkServlet.doPost( > > FrameworkServlet.java:440) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > > org.jasig.cas.web.init.SafeDispatcherServlet.service( > > SafeDispatcherServlet.java:115) > > > > *cause mère* > > > > org.springframework.webflow.engine.ActionExecutionException: Exception > > thrown executing [EMAIL PROTECTED] targetAction = > > [EMAIL PROTECTED], > > attributes = map['method' -> 'submit']] in state 'submit' of flow > > 'login-webflow' -- action execution attributes were 'map['method' -> > > 'submit']'; nested exception is > > org.springframework.ldap.UncategorizedLdapException: Operation failed; > > nested exception is javax.naming.ServiceUnavailableException: > > 10.127.11.12:389; socket closed; remaining name 'dc=mooja,dc=ma' > > org.springframework.webflow.engine.ActionExecutor.execute( > > ActionExecutor.java:68) > > org.springframework.webflow.engine.ActionState.doEnter( > > ActionState.java:180) > > org.springframework.webflow.engine.State.enter(State.java:200) > > org.springframework.webflow.engine.Transition.execute( > > Transition.java:229) > > org.springframework.webflow.engine.TransitionableState.onEvent( > > TransitionableState.java:112) > > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > > (RequestControlContextImpl.java:208) > > org.springframework.webflow.engine.ActionState.doEnter( > > ActionState.java:185) > > org.springframework.webflow.engine.State.enter(State.java:200) > > org.springframework.webflow.engine.Transition.execute( > > Transition.java:229) > > org.springframework.webflow.engine.TransitionableState.onEvent( > > TransitionableState.java:112) > > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > > (RequestControlContextImpl.java:208) > > > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent( > > FlowExecutionImpl.java:214) > > org.springframework.webflow.executor.FlowExecutorImpl.resume( > > FlowExecutorImpl.java:245) > > > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest > > (FlowRequestHandler.java:115) > > > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal > > (FlowController.java:172) > > > > org.springframework.web.servlet.mvc.AbstractController.handleRequest( > > AbstractController.java:153) > > > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle > > (SimpleControllerHandlerAdapter.java:48) > > org.springframework.web.servlet.DispatcherServlet.doDispatch( > > DispatcherServlet.java:857) > > org.springframework.web.servlet.DispatcherServlet.doService( > > DispatcherServlet.java:792) > > org.springframework.web.servlet.FrameworkServlet.processRequest( > > FrameworkServlet.java:475) > > org.springframework.web.servlet.FrameworkServlet.doPost( > > FrameworkServlet.java:440) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > > org.jasig.cas.web.init.SafeDispatcherServlet.service( > > SafeDispatcherServlet.java:115) > > > > *cause mère* > > > > org.springframework.ldap.UncategorizedLdapException: Operation failed; > > nested exception is javax.naming.ServiceUnavailableException: > > 10.127.11.12:389; socket closed; remaining name 'dc=mooja,dc=ma' > > > > org.springframework.ldap.DefaultNamingExceptionTranslator.translate( > > DefaultNamingExceptionTranslator.java:93) > > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java > > :287) > > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java > > :314) > > > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal > > (BindLdapAuthenticationHandler.java:67) > > > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication > > (AbstractUsernamePasswordAuthenticationHandler.java:56) > > > > org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate > > (AbstractPreAndPostProcessingAuthenticationHandler.java:58) > > > > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate( > > AuthenticationManagerImpl.java:84) > > > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket > > (CentralAuthenticationServiceImpl.java:383) > > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit( > > AuthenticationViaFormAction.java:107) > > sun.reflect.GeneratedMethodAccessor60.invoke(Unknown Source) > > sun.reflect.DelegatingMethodAccessorImpl.invoke( > > DelegatingMethodAccessorImpl.java:25) > > java.lang.reflect.Method.invoke(Method.java:597) > > org.springframework.webflow.util.DispatchMethodInvoker.invoke( > > DispatchMethodInvoker.java:103) > > org.springframework.webflow.action.MultiAction.doExecute( > > MultiAction.java:136) > > org.springframework.webflow.action.AbstractAction.execute( > > AbstractAction.java:203) > > org.springframework.webflow.engine.AnnotatedAction.execute( > > AnnotatedAction.java:142) > > org.springframework.webflow.engine.ActionExecutor.execute( > > ActionExecutor.java:61) > > org.springframework.webflow.engine.ActionState.doEnter( > > ActionState.java:180) > > org.springframework.webflow.engine.State.enter(State.java:200) > > org.springframework.webflow.engine.Transition.execute( > > Transition.java:229) > > org.springframework.webflow.engine.TransitionableState.onEvent( > > TransitionableState.java:112) > > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > > (RequestControlContextImpl.java:208) > > org.springframework.webflow.engine.ActionState.doEnter( > > ActionState.java:185) > > org.springframework.webflow.engine.State.enter(State.java:200) > > org.springframework.webflow.engine.Transition.execute( > > Transition.java:229) > > org.springframework.webflow.engine.TransitionableState.onEvent( > > TransitionableState.java:112) > > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > > (RequestControlContextImpl.java:208) > > > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent( > > FlowExecutionImpl.java:214) > > org.springframework.webflow.executor.FlowExecutorImpl.resume( > > FlowExecutorImpl.java:245) > > > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest > > (FlowRequestHandler.java:115) > > > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal > > (FlowController.java:172) > > > > org.springframework.web.servlet.mvc.AbstractController.handleRequest( > > AbstractController.java:153) > > > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle > > (SimpleControllerHandlerAdapter.java:48) > > org.springframework.web.servlet.DispatcherServlet.doDispatch( > > DispatcherServlet.java:857) > > org.springframework.web.servlet.DispatcherServlet.doService( > > DispatcherServlet.java:792) > > org.springframework.web.servlet.FrameworkServlet.processRequest( > > FrameworkServlet.java:475) > > org.springframework.web.servlet.FrameworkServlet.doPost( > > FrameworkServlet.java:440) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > > org.jasig.cas.web.init.SafeDispatcherServlet.service( > > SafeDispatcherServlet.java:115) > > > > *cause mère* > > > > javax.naming.ServiceUnavailableException: 10.127.11.12:389; socket > > closed; remaining name 'dc=mooja,dc=ma' > > com.sun.jndi.ldap.Connection.readReply(Connection.java:416) > > com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:611) > > com.sun.jndi.ldap.LdapClient.search(LdapClient.java:534) > > com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1948) > > com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1810) > > com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1735) > > com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search( > > ComponentDirContext.java:368) > > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search( > > PartialCompositeDirContext.java:338) > > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search( > > PartialCompositeDirContext.java:321) > > javax.naming.directory.InitialDirContext.search( > > InitialDirContext.java:248) > > > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler$1.executeSearch > > (BindLdapAuthenticationHandler.java:71) > > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java > > :268) > > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java > > :314) > > > > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal > > (BindLdapAuthenticationHandler.java:67) > > > > org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication > > (AbstractUsernamePasswordAuthenticationHandler.java:56) > > > > org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate > > (AbstractPreAndPostProcessingAuthenticationHandler.java:58) > > > > org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate( > > AuthenticationManagerImpl.java:84) > > > > org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket > > (CentralAuthenticationServiceImpl.java:383) > > org.jasig.cas.web.flow.AuthenticationViaFormAction.submit( > > AuthenticationViaFormAction.java:107) > > sun.reflect.GeneratedMethodAccessor60.invoke(Unknown Source) > > sun.reflect.DelegatingMethodAccessorImpl.invoke( > > DelegatingMethodAccessorImpl.java:25) > > java.lang.reflect.Method.invoke(Method.java:597) > > org.springframework.webflow.util.DispatchMethodInvoker.invoke( > > DispatchMethodInvoker.java:103) > > org.springframework.webflow.action.MultiAction.doExecute( > > MultiAction.java:136) > > org.springframework.webflow.action.AbstractAction.execute( > > AbstractAction.java:203) > > org.springframework.webflow.engine.AnnotatedAction.execute( > > AnnotatedAction.java:142) > > org.springframework.webflow.engine.ActionExecutor.execute( > > ActionExecutor.java:61) > > org.springframework.webflow.engine.ActionState.doEnter( > > ActionState.java:180) > > org.springframework.webflow.engine.State.enter(State.java:200) > > org.springframework.webflow.engine.Transition.execute( > > Transition.java:229) > > org.springframework.webflow.engine.TransitionableState.onEvent( > > TransitionableState.java:112) > > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > > (RequestControlContextImpl.java:208) > > org.springframework.webflow.engine.ActionState.doEnter( > > ActionState.java:185) > > org.springframework.webflow.engine.State.enter(State.java:200) > > org.springframework.webflow.engine.Transition.execute( > > Transition.java:229) > > org.springframework.webflow.engine.TransitionableState.onEvent( > > TransitionableState.java:112) > > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) > > > > org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent > > (RequestControlContextImpl.java:208) > > > > org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent( > > FlowExecutionImpl.java:214) > > org.springframework.webflow.executor.FlowExecutorImpl.resume( > > FlowExecutorImpl.java:245) > > > > org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest > > (FlowRequestHandler.java:115) > > > > org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal > > (FlowController.java:172) > > > > org.springframework.web.servlet.mvc.AbstractController.handleRequest( > > AbstractController.java:153) > > > > org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle > > (SimpleControllerHandlerAdapter.java:48) > > org.springframework.web.servlet.DispatcherServlet.doDispatch( > > DispatcherServlet.java:857) > > org.springframework.web.servlet.DispatcherServlet.doService( > > DispatcherServlet.java:792) > > org.springframework.web.servlet.FrameworkServlet.processRequest( > > FrameworkServlet.java:475) > > org.springframework.web.servlet.FrameworkServlet.doPost( > > FrameworkServlet.java:440) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:710) > > javax.servlet.http.HttpServlet.service(HttpServlet.java:803) > > org.jasig.cas.web.init.SafeDispatcherServlet.service( > > SafeDispatcherServlet.java:115) > > > > I need your help > > Thanks. > > > > Tarik Arrad > > > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
