wow... dunno how but after a restart of the graylog-server instance, LDAP auth has started working....
2014/1/15 Jean-Luc Bassereau <[email protected]> > Hello, > > Here's what I have in the logs when I try to login with my LDAP account > (OpenLDAP) : > > 2014-01-15 13:07:22,348 DEBUG: org.apache.shiro.realm.AuthenticatingRealm > - No AuthenticationInfo found for submitted AuthenticationToken > [org.apache.shiro.authc.UsernamePasswordToken - jlbassereau, > rememberMe=false]. Returning null. > 2014-01-15 13:07:22,348 WARN : > org.graylog2.rest.resources.system.SessionsResource - Unable to log in user > jlbassereau > org.apache.shiro.authc.AuthenticationException: No account information > found for authentication token > [org.apache.shiro.authc.UsernamePasswordToken - jlbassereau, > rememberMe=false] by this Authenticator instance. Please check that it is > configured correctly. > at > org.apache.shiro.authc.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:202) > at > org.apache.shiro.mgt.AuthenticatingSecurityManager.authenticate(AuthenticatingSecurityManager.java:106) > at > org.apache.shiro.mgt.DefaultSecurityManager.login(DefaultSecurityManager.java:270) > at > org.apache.shiro.subject.support.DelegatingSubject.login(DelegatingSubject.java:256) > at > org.graylog2.rest.resources.system.SessionsResource.newSession(SessionsResource.java:77) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at > org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory$1.invoke(ResourceMethodInvocationHandlerFactory.java:81) > at > org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:151) > at > org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:171) > at > org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:195) > at > org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:104) > at > org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:402) > at > org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:349) > at > org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:106) > at > org.glassfish.jersey.server.ServerRuntime$1.run(ServerRuntime.java:259) > at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271) > at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267) > at org.glassfish.jersey.internal.Errors.process(Errors.java:315) > at org.glassfish.jersey.internal.Errors.process(Errors.java:297) > at org.glassfish.jersey.internal.Errors.process(Errors.java:267) > at > org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:318) > at > org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:236) > at > org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:1010) > at > org.graylog2.jersey.container.netty.NettyContainer.messageReceived(NettyContainer.java:254) > at > org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) > at > org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) > at > org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) > at > org.jboss.netty.handler.stream.ChunkedWriteHandler.handleUpstream(ChunkedWriteHandler.java:142) > at > org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) > at > org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791) > at > org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:296) > at > org.jboss.netty.handler.codec.frame.FrameDecoder.unfoldAndFireMessageReceived(FrameDecoder.java:459) > at > org.jboss.netty.handler.codec.replay.ReplayingDecoder.callDecode(ReplayingDecoder.java:536) > at > org.jboss.netty.handler.codec.replay.ReplayingDecoder.messageReceived(ReplayingDecoder.java:435) > at > org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70) > at > org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564) > at > org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559) > at > org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268) > at > org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255) > at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88) > at > org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108) > at > org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:318) > at > org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89) > at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) > at > org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108) > at > org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:724) > > > Regards. > > > 2014/1/15 Kay Röpke <[email protected]> > >> mmh, that's odd. >> Are you using LDAP or ActiveDirectory? >> >> With the admin user logged in you can go to System / Logging and then >> turn the authentication subsystem to TRACE. >> That should give you a little more information on what goes wrong. >> >> Kay >> >> >> On Tuesday, January 14, 2014 6:48:19 PM UTC+1, Jean-Luc Bassereau wrote: >> >>> Hello, >>> >>> I've checked the mongo db and only local users have entries. >>> BTW, i'm not using SSL but I'm glas I've helped you to solve a bug ;-) >>> >>> >>> 2014/1/14 Kay Röpke <[email protected]> >>> >>>> Yup, LDAPS is broken :( >>>> >>>> We'll fix it in RC2. >>>> >>>> Sorry for the inconveniences! >>>> >>>> >>>> On Tuesday, January 14, 2014 6:10:59 PM UTC+1, Kay Röpke wrote: >>>>> >>>>> Jean-Luc, >>>>> >>>>> are you using SSL to connect to LDAP? >>>>> I might've found a bug with the trust manager config when using SSL, >>>>> which might to lead to this error. >>>>> The connection/login test accepts self-signed certs, while the other >>>>> one doesn't. >>>>> >>>>> Best, >>>>> Kay >>>>> >>>>> On Tuesday, January 14, 2014 3:09:15 PM UTC+1, Jean-Luc Bassereau >>>>> wrote: >>>>>> >>>>>> Hello, >>>>>> >>>>>> Should LDAP connector be working on this release ? >>>>>> Here's my settings, under /system/ldap, I've set binding to my ldap >>>>>> server. >>>>>> The test server connection seems to work well : >>>>>> >>>>>> >>>>>> >>>>>> Besides, then credential tests works well with my own account : >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> Whereas, when I try to log in with my LDAP account, it fails with >>>>>> this : >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Regards, >>>>>> Jean-Luc Bassereau >>>>>> >>>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "graylog2" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> >>>> For more options, visit https://groups.google.com/groups/opt_out. >>>> >>> >>> >>> >>> -- >>> Cordialement, >>> Jean-Luc Bassereau >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "graylog2" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > > > -- > Cordialement, > Jean-Luc Bassereau > -- Cordialement, Jean-Luc Bassereau -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
