My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 594: com.google.gerrit.server.auth.ldap.LdapRealm : Cannot query LDAP to autenticate user
3 people starred this issue and may be notified of changes. Back to list
Status:  Released
Owner:  ----
Closed:  Mar 2012


Sign in to add a comment
 
Reported by tibor.ma...@gmail.com, Jun 11, 2010
Affected Version: 2.1.2.5
Domain controller: windows Server 2008 x86

Error in subject showed in error log when I try to log in with active directory user name and password.

configuration file:

[container]
        javaOptions = -Djava.naming.referral=follow
[ldap]
        server = ldap://dc1.domain.name.com:389
        username = gerrit   
#we try gerrit@domain.name.com format too
        password = password
        accountScope = subtree
        accountBase = DC=domain,DC=name,DC=com
        accountPattern = (sAMAccountName=${username})
        groupBase = ou=Departments,dc=domain,dc=name,dc=com
        accountFullName = displayName
        accountEmailAddress = ${mail.toLowerCase}




LOG:

[2010-06-11 11:26:32,121] ERROR com.google.gerrit.server.auth.ldap.LdapRealm : Cannot query LDAP to autenticate user
javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name 'DC=domain,DC=name,DC=com'
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
        at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)
        at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)
        at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
        at com.google.gerrit.server.auth.ldap.LdapQuery.query(LdapQuery.java:72)
        at com.google.gerrit.server.auth.ldap.LdapRealm.findAccount(LdapRealm.java:495)
        at com.google.gerrit.server.auth.ldap.LdapRealm.authenticate(LdapRealm.java:237)
        at com.google.gerrit.server.account.AccountManager.authenticate(AccountManager.java:106)
        at com.google.gerrit.httpd.auth.ldap.UserPassAuthServiceImpl.authenticate(UserPassAuthServiceImpl.java:57)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at com.google.gwtjsonrpc.server.MethodHandle.invoke(MethodHandle.java:91)
        at com.google.gwtjsonrpc.server.JsonServlet.doService(JsonServlet.java:382)
        at com.google.gwtjsonrpc.server.JsonServlet.service(JsonServlet.java:268)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:216)
        at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:141)
        at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:93)
        at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:63)
        at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:134)
        at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59)
        at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:134)
        at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59)
        at com.google.gwtexpui.server.CacheControlFilter.doFilter(CacheControlFilter.java:76)
        at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:129)
        at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59)
        at com.google.gerrit.httpd.RequestCleanupFilter.doFilter(RequestCleanupFilter.java:54)
        at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:129)
        at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59)
        at com.google.inject.servlet.FilterDefinition.doFilter(FilterDefinition.java:134)
        at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:59)
        at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:122)
        at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:110)
        at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1187)
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:425)
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:931)
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:362)
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:867)
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)
        at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:50)
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:113)
        at org.eclipse.jetty.server.Server.handle(Server.java:334)
        at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:559)
        at org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1007)
        at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:747)
        at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:209)
        at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:406)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:462)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:436)
        at java.lang.Thread.run(Thread.java:619)



Jun 16, 2010
#1 sop@google.com
Fixed by change Ibbae91747979be8ddbe01ce1977f3a194fa210db
Status: Fixed
Labels: FixedIn-2.1.3
Jul 9, 2010
#2 tibor.ma...@gmail.com
fixed with what? don't understand
Jul 13, 2010
#3 sop@google.com
This was fixed in version 2.1.3.
Jul 29, 2010
#4 meetsudh...@gmail.com
Even i  come across the same error eventhough i use gerrit-2.1.3.war. Can u tell me wat u did exactly to overcome this problem. My machine is running on RHEL5, and hav installed gerrit on my home directory. 

Please help me,

Regards,
Darshan.
Nov 21, 2011
#5 gava...@gmail.com
In case anyone else finds themselves on this page looking for an answer:

Checked out the source code and looked at the change. It seems that if you are getting this exception, add the following to the "[ldap]" section of gerrit.config:

    referral=follow


Mar 27, 2012
#6 sop@google.com
(No comment was entered for this change.)
Status: Released
Dec 16, 2015
#7 mohan.sh...@gmail.com
i'm also having same issue..

my config is :

[auth]
	type = LDAP
[ldap]
	server = ldap://SERVER_FQDN:3268
	username = USERNAME@ob.com
	accountBase = DC=Users,DC=ob,DC=com
        groupBase = DC=groups,DC=ob,DC=com
        accountPattern = (&(objectClass=person)(sAMAccountName=${username})) 
        groupMemberPattern = (sAMAccountName=${username}) 
        accountFullName = displayName
        accountEmailAddress = mail
        accountSshUserName = sAMAccountName 
        accountMemberField = Administrators

ERROR:


[2015-12-16 18:06:48,368] ERROR com.google.gerrit.server.auth.ldap.LdapRealm : Cannot query LDAP to authenticate user
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 52e, v1772 ]
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
	at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
	at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
	at javax.naming.InitialContext.init(Unknown Source)
	at javax.naming.InitialContext.<init>(Unknown Source)
	at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
	at com.google.gerrit.server.auth.ldap.Helper.open(Helper.java:140)
	at com.google.gerrit.server.auth.ldap.LdapRealm.authenticate(LdapRealm.java:217)
	at com.google.gerrit.server.account.AccountManager.authenticate(AccountManager.java:108)
	at com.google.gerrit.httpd.auth.ldap.LdapLoginServlet.doPost(LdapLoginServlet.java:125)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:644)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:725)
	at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:287)
	at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:277)
	at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:182)
	at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:91)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
	at com.google.gerrit.httpd.GetUserFilter.doFilter(GetUserFilter.java:82)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at com.google.gwtexpui.server.CacheControlFilter.doFilter(CacheControlFilter.java:73)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at com.google.gerrit.httpd.RunAsFilter.doFilter(RunAsFilter.java:117)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at com.google.gerrit.httpd.AllRequestFilter$FilterProxy$1.doFilter(AllRequestFilter.java:64)
	at com.google.gerrit.httpd.AllRequestFilter$FilterProxy.doFilter(AllRequestFilter.java:57)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at com.google.gerrit.httpd.RequestContextFilter.doFilter(RequestContextFilter.java:75)
	at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
	at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:119)
	at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:133)
	at com.google.inject.servlet.GuiceFilter$1.call(GuiceFilter.java:130)
	at com.google.inject.servlet.GuiceFilter$Context.call(GuiceFilter.java:203)
	at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:130)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
	at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:95)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
	at org.eclipse.jetty.server.Server.handle(Server.java:497)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
	at java.lang.Thread.run(Unknown Source)

Sign in to add a comment

Powered by Google Project Hosting