[ https://issues.apache.org/jira/browse/DIRAPI-339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16829296#comment-16829296 ]

Michael Barkdoll edited comment on DIRAPI-339 at 4/29/19 2:31 PM:
------------------------------------------------------------------

Ok, I found out what my issue is finally. 
 * After I hardcoded an /etc/hosts entry with a single static IP address and 
passed a static IP for the LDAP service into the application, it must've removed 
the timeout issue [1] that was occurring against a Windows Domain Controller 
LDAP service that is hosted in the cloud.

My issue now is that:
 * The Windows team here are unable to remove this DNS entry since they need it 
for something!?  There is only one DC in the cloud and six on site, so if the 
LDAP API retried with a new DNS request I'm guessing my application wouldn't 
fail and would succeed, since the next time that I try to log in the attempt is 
successful every time.  I'm curious if that is possible from your end or if I 
should just leave the /etc/hosts file hardcoded for this particular 
authentication service?

What do you think [~elecharny] and [~seelmann]? Thanks for your help with this 
issue.

Error log finally attached:

[1] [https://gist.github.com/michaelbarkdoll/8ca0be025caf40b705295fddfcb9d032]


was (Author: michaelbarkdoll):
Ok, I found out what my issue is finally. 
 * After I hardcoded an /etc/hosts entry with a single static IP address it 
must've removed the timeout issue [1] that was occurring against a Windows 
Domain Controller LDAP service that is hosted in the cloud.

My issue now is that:
 * The Windows team here are unable to remove this DNS entry since they need it 
for something!?  There is only one DC in the cloud and six on site, so if the 
LDAP API retried with a new DNS request I'm guessing my application wouldn't 
fail and would succeed, since the next time that I try to log in the attempt is 
successful every time.  I'm curious if that is possible from your end or if I 
should just leave the /etc/hosts file hardcoded for this particular 
authentication service?

What do you think [~elecharny] and [~seelmann]? Thanks for your help with this 
issue.

Error log finally attached:

[1] [https://gist.github.com/michaelbarkdoll/8ca0be025caf40b705295fddfcb9d032]

> NPE - RR_04122_SSL_CONTEXT_INIT_FAILURE
> ---------------------------------------
>
>                 Key: DIRAPI-339
>                 URL: https://issues.apache.org/jira/browse/DIRAPI-339
>             Project: Directory Client API
>          Issue Type: Bug
>         Environment: Apache Guacamole Tomcat .WAR Servlet attempts to 
> authenticate with Windows AD 2016 Active Directory LDAP services.
>            Reporter: Michael Barkdoll
>            Assignee: Emmanuel Lecharny
>            Priority: Major
>         Attachments: error6.txt
>
>
> I'm experiencing a Null Pointer Exception (NPE) from the Apache LDAP API.  
> I've tried using the latest code in the github repo [1] and the issue is 
> still present.
> Essentially, users are most of the time able to authenticate, but some rare 
> times (1 in 20 to 50 times) this error shows up in the logs and the user has 
> to refresh the page and attempt to log in a second time.
> [1] https://github.com/apache/directory-ldap-api
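
The fallback asked about in the comment above (try the next DNS record when one domain controller does not answer), as an added example that is not code from this issue, the Apache LDAP API or Guacamole. The names `connect_any`, `demo`, `fake_dns` and `dc.example.test` are hypothetical, and the loopback sockets are constructed stand-ins for the domain controllers.

```python
import socket


def connect_any(host, port, timeout=3.0, resolve=socket.getaddrinfo):
    """Try each address `host` resolves to; return (socket, attempts).

    attempts lists (ip, error_name or None) in the order tried, for logging.
    """
    attempts = []
    for family, kind, proto, _name, addr in resolve(host, port, type=socket.SOCK_STREAM):
        sock = socket.socket(family, kind, proto)
        sock.settimeout(timeout)  # bound the wait on an unreachable DC
        try:
            sock.connect(addr)
        except OSError as exc:
            sock.close()
            attempts.append((addr[0], type(exc).__name__))
            continue  # fall through to the next record instead of failing the login
        attempts.append((addr[0], None))
        # For LDAPS, wrap with ssl.create_default_context().wrap_socket(
        # sock, server_hostname=host) so the certificate is still checked
        # against the name, not the IP that happened to answer.
        return sock, attempts
    raise ConnectionError(f"no reachable address for {host}: {attempts}")


def demo():
    """Constructed stand-ins on loopback: a closed port plays the unreachable
    cloud DC, a listening socket plays an on-site DC."""
    up = socket.socket()
    up.bind(("127.0.0.1", 0))
    up.listen(1)
    down = socket.socket()
    down.bind(("127.0.0.1", 0))
    down_addr = down.getsockname()
    down.close()  # nothing listens here any more

    def fake_dns(host, port, type=0):  # returns the "bad" record first
        return [(socket.AF_INET, socket.SOCK_STREAM, 0, "", a)
                for a in (down_addr, up.getsockname())]

    sock, attempts = connect_any("dc.example.test", 389, resolve=fake_dns)
    peer_ok = sock.getpeername() == up.getsockname()
    sock.close()
    up.close()
    return peer_ok, attempts
```

The `attempts` list is worth logging on every login: it shows which record failed and how often, which is the evidence needed to get the stale DNS entry fixed rather than masked by an /etc/hosts pin.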


