Seema Patel wrote:
Hi,
I am not sure if this is the right List to post this on, please advise if it isn't and let me know where is best to post.
I am getting the following error on one of our applications running on our intranet:
2013-07-31 17:15:11,180 [http-xxx.xxx.x.xxx-xx-x] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/forms].[action] - Servlet.service() for servlet action threw exception
java.net.UnknownHostException: Failed to negotiate with a suitable domain
controller for xxx.LOCAL
at jcifs.smb.SmbSession.getChallengeForDomain(SmbSession.java:187)
at jcifs.http.NtlmHttpFilter.negotiate(NtlmHttpFilter.java:150)
at jcifs.http.NtlmHttpFilter.doFilter(NtlmHttpFilter.java:114)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:465)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:393)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
at
org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:837)
at
org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:640)
at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1287)
at java.lang.Thread.run(Unknown Source)
I believe that you should read this page carefully, in particular the blue text at the
beginning : http://jcifs.samba.org/src/docs/ntlmhttpauth.html
Can you have a look at the WEB-INF/web.xml file *of your application*, and check if there
is a servlet filter configured there, which matches the name above ?
If so, make a backup copy of that web.xml file, and then edit it to remove that filter
from it, and try again.
I am not quite sure, but it looks possible to me that you have a duplicate authentication
mechanism in use : one at the container (Tomcat) level, and one at the application level.
And the one used at the application level is obsolete, unsupported,
unmaintained etc..
In my tomcat/conf/server.xml file I have:
<Realm className="com.viatel.tomcatrealms.ADJNDIRealm"
debug="01" resourceName="ActiveDirectory"
connectionURL="ldap://xxx:xxx";
alternativeURL="ldap://xxx:xxx";
connectionName="LDAP@xxx.local" connectionPassword="xxx"
referrals="follow" userBase="dc=vtlwavenet,dc=local"
userSearch="(sAMAccountName={0})" userSubtree="true"
roleBase="dc=xxx,dc=local" roleSearch="(member={0})"
roleName="cn" roleSubtree="true" />
I have 2 .war files running from this tomcat - 1) intranet portal A, 2) intranet helpdesk page and also another intranet portal B (both run from slightly different URLs).
When tomcat was restarted the intranet portal A runs, intranet portal B runs
but the intranet helpdesk portal doesn't run. For this we get the error
message shown above.
I don't know if it is the java code, some setting in the tomcat catalina base or if it is a tomcat network issue.
We are running Tomcat 5.5.29.
java version "1.5.0_22"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_22-b03)
Java HotSpot(TM) Client VM (build 1.5.0_22-b03, mixed mode, sharing)
It is on a Windows Server 2003 R2 SP2 VM box.
Any help on this is appreciated.
Thanks in advance
Seema
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
