Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Cannot Reproduce
-
2.19.0
-
None
-
None
Description
With different random users we get the following error message:
AMQ222216: Security problem while authenticating: AMQ229031: Unable to validate user from /172.27.48.12:49550. Username: lot-sfmsri.fenmqprd; SSL certificate subject DN: unavailable
2021-11-16 23:05:03,150 WARN [org.apache.activemq.artemis.core.client] AMQ212037: Connection failure to /172.27.48.12:49478 has been detected: User name [lot-sfmsri.fenmqprd] or password is invalid. [code=GENERIC_EXCEPTION] component = org.apache.activemq.artemis.core.clienthost = fenacosrv43113log_level = WARNsource = /amq_prd/log/artemis.log
After a restart of the Broker other Users have the same Problem. We use an ActiveDirectory as the LDAP directory.
activemq { /* org.apache.activemq.artemis.spi.core.security.jaas.PropertiesLoginModule sufficient debug=false reload=true org.apache.activemq.jaas.properties.user="artemis-users.properties" org.apache.activemq.jaas.properties.role="artemis-roles.properties"; org.apache.activemq.artemis.spi.core.security.jaas.GuestLoginModule sufficient debug=false org.apache.activemq.jaas.guest.user="admin" org.apache.activemq.jaas.guest.role="amq"; */ org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule sufficient debug=true initialContextFactory="com.sun.jndi.ldap.LdapCtxFactory" /* connectionURL - specify the location of the directory server using an ldap URL, ldap://Host:Port. You can optionally qualify this URL, by adding a forward slash, /, followed by the DN of a particular node in the directory tree. For example, ldap://ldapserver:10389/ou=system. */ /* connectionURL="ldap://main.corp.fenaco.com:389/" */ connectionURL="ldap://ad-ldap-rzsur.main.corp.fenaco.com:389/" /* authentication - specifies the authentication method used when binding to the LDAP server. Can take either of the values, - simple (username and password), - GSSAPI (Kerberos SASL) or - none (anonymous) */ authentication="simple"