Uploaded image for project: 'Archiva (Retired)'
  1. Archiva (Retired)
  2. MRM-2045

LDAP Authentication Can't connect to Active Director server

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Not A Problem
    • 2.2.6
    • None
    • redback
    • None
    • CentOS 8

    Description

      I am setting up an Archiva instance and trying to enable LDAP Authentication via our Active Directory server(s).

      I entered the settings like this (they mirror the settings used for our Gitlab setup of LDAP authentication):

      <ldapConfiguration>
      <ssl>false</ssl>
      <bindAuthenticatorEnabled>true</bindAuthenticatorEnabled>
      <writable>false</writable>
      <useRoleNameAsGroup>false</useRoleNameAsGroup>
      <hostName>dev.oati.local</hostName>
      <port>389</port>
      <baseDn>DC=dev</baseDn>
      <baseDn>DC=company</baseDn>
      <baseDn>DC=local</baseDn>
      <baseGroupsDn>DC=dev</baseGroupsDn>
      <baseGroupsDn>DC=company</baseGroupsDn>
      <baseGroupsDn>DC=local</baseGroupsDn>
      <contextFactory>com.sun.jndi.ldap.LdapCtxFactory</contextFactory>
      <bindDn>CN=gitlabldap</bindDn>
      <bindDn>CN=Users</bindDn>
      <bindDn>DC=dev</bindDn>
      <bindDn>DC=company</bindDn>
      <bindDn>DC=local</bindDn>
      <password>password</password>
      <authenticationMethod/>
      </ldapConfiguration>

      I have verified that these settings work on this server using ldapquery.

      When I attempt to verify in the Redback Runtime Configuration GUI, I get a "Could not connect to server." error, and I see this stack trace in the log:

      2022-03-23 11:36:25,307 [qtp1795749389-25] WARN  org.apache.archiva.rest.services.DefaultRedbackRuntimeConfigurationService [] - fail to get ldapConnection: Could not connect to the server.
      org.apache.archiva.redback.common.ldap.connection.LdapException: Could not connect to the server.
              at org.apache.archiva.redback.common.ldap.connection.DefaultLdapConnection.<init>(DefaultLdapConnection.java:85) ~[redback-common-ldap-2.6.1.jar:2.6.1]
              at org.apache.archiva.redback.common.ldap.connection.ConfigurableLdapConnectionFactory.getConnection(ConfigurableLdapConnectionFactory.java:114) ~[redback-common-ldap-2.6.1.jar:2.6.1]
              at org.apache.archiva.redback.common.ldap.connection.ConfigurableLdapConnectionFactory.getConnection(ConfigurableLdapConnectionFactory.java:41) ~[redback-common-ldap-2.6.1.jar:2.6.1]
              at org.apache.archiva.rest.services.DefaultRedbackRuntimeConfigurationService.checkLdapConnection(DefaultRedbackRuntimeConfigurationService.java:311) [archiva-rest-services-2.2.6.jar:?]
              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_322]
              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_322]
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_322]
              at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_322]
              at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:181) [cxf-core-3.0.3.jar:3.0.3]
              at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:97) [cxf-core-3.0.3.jar:3.0.3]
              at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:200) [cxf-rt-frontend-jaxrs-3.0.3.jar:3.0.3]
              at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:99) [cxf-rt-frontend-jaxrs-3.0.3.jar:3.0.3]
              at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59) [cxf-core-3.0.3.jar:3.0.3]
              at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96) [cxf-core-3.0.3.jar:3.0.3]
              at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307) [cxf-core-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-core-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:197) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:149) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:290) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:214) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at javax.servlet.http.HttpServlet.service(HttpServlet.java:735) [javax.servlet-3.0.0.v201112011016.jar:?]
              at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265) [cxf-rt-transports-http-3.0.3.jar:3.0.3]
              at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:684) [jetty-servlet-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1496) [jetty-servlet-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:85) [spring-web-4.2.1.RELEASE.jar:4.2.1.RELEASE]
              at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.2.1.RELEASE.jar:4.2.1.RELEASE]
              at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1476) [jetty-servlet-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) [jetty-servlet-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:557) [jetty-security-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) [jetty-servlet-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.Server.handle(Server.java:370) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:494) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:971) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1033) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) [jetty-http-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) [jetty-http-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) [jetty-server-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:667) [jetty-io-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) [jetty-io-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) [jetty-util-8.1.14.v20131031.jar:8.1.14.v20131031]
              at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) [jetty-util-8.1.14.v20131031.jar:8.1.14.v20131031]
              at java.lang.Thread.run(Thread.java:750) [?:1.8.0_322]
      Caused by: javax.naming.AuthenticationNotSupportedException:
              at com.sun.jndi.ldap.sasl.LdapSasl.saslBind(LdapSasl.java:119) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:236) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2897) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:347) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154) ~[?:1.8.0_322]
              at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84) ~[?:1.8.0_322]
              at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:695) ~[?:1.8.0_322]
              at org.apache.archiva.redback.common.ldap.connection.DefaultLdapConnection.<init>(DefaultLdapConnection.java:81) ~[redback-common-ldap-2.6.1.jar:2.6.1]
              ... 53 more

       

      I don't know where to go from here to debug the issue further.

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            jceddy JOSEPH C EDDY
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: