On Wed, Feb 10, 2016 at 1:42 PM, Frank Thommen <f.thom...@dkfz-heidelberg.de> wrote: > On 02/10/2016 12:20 PM, Thomas Mortagne wrote: >> >> On Wed, Feb 10, 2016 at 12:11 PM, Frank Thommen >> <f.thom...@dkfz-heidelberg.de> wrote: >>> >>> >>> >>> On 02/10/2016 09:26 AM, Thomas Mortagne wrote: >>>> >>>> >>>> On Tue, Feb 9, 2016 at 6:34 PM, Frank Thommen >>>> <f.thom...@dkfz-heidelberg.de> wrote: >>>>> >>>>> >>>>> Maybe I can should rephrase the question: What certificates should go >>>>> into >>>>> the keystore? >>>>> >>>>> I retrieved the LDAP server's certificate through `openssl s_client >>>>> -host >>>>> my.ldap.server -port 636` and added it with `keytool` into a keystore >>>>> and >>>>> sest this as xwiki.authentication.ldap.ssl.keystore but the errors stay >>>>> almost the same. To make it worse, the errors in catalina.out are not >>>>> always completely identical. Trying to authenticate four times results >>>>> in >>>>> e.g. three slightly different sets of error message. Noone else is >>>>> currently accessing the Wiki. >>>>> >>>>> >>>>> But maybe the base problem is this one: >>>>> >>>>> ---------------- >>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>> c.x.x.p.l.XWikiLDAPConnection - Connection to LDAP server [XXXX:389] >>>>> ---------------- >>>>> >>>> >>>> >>>>> Why is XWiki trying to connect on port 389 even though I have >>>>> "xwiki.authentication.ldap.port=636"? >>>> >>>> >>>> >>>> I can think of 3 possibilities for this kind of issue: >>>> * you did not uncommented xwiki.authentication.ldap.port in xwiki.cfg >>> >>> >>> >>> is /is/ uncommented >>> >>> >>>> * you have xwiki.authentication.ldap.port set several times >>> >>> >>> >>> no, it's set only a single time >>> >>> >>>> * you have it set in XWikiPreference page (which override xwiki.cfg) >>>> because you played with LDAP Application or with the page directly >>> >>> >>> >>> Good thought: I had indeed the "LDAP Admin Application" installed >>> temporarily but I've removed it again, because it only offered a subset >>> of >>> the settings I required. Could it be, that the removal of the >>> application >>> did not remove (some of) its settings? Where (filesystem/database) >>> should I >>> look for possible leftover settings? Using `grep` I cannot find any >>> "ldap" >>> reference in any file within $TOMCAT/webapps/xwiki/WEB-INF. >> >> >> It's not in a file but in a wiki page. Try >> http://mydomain/xwiki/bin/edit/XWiki/XWikiPreferences?editor=object, >> open "XWiki.XWikiPreferences" object, search for LDAP stuff in there >> and empty everything. > > > This page (https://mydomain/xwiki/bin/view/XWiki/XWikiPreferences) > redirects to https://mydomain/xwiki/bin/admin/XWiki/XWikiPreferences and > editing it with > https://mydomain/xwiki/bin/edit/XWiki/XWikiPreferences?editor=object doesn't > show any LDAP related settings (see http://postimg.org/image/ebustp9hx).
That's because you skipped the "open "XWiki.XWikiPreferences" object" part ;) Objects are folded by default. > > (is there a "klickable" way to open this editor? The XWikiPreferences page > doesn't show any "edit" option anywhere) > > frank > > > >>> (additional question: Should I see this as a but in the application, if >>> the >>> removal doesn't remove all associated settings or is this rather a >>> general >>> XWiki issue?) >>> >>> >>>> On the SSL side I'm really far from an expert since I never used it >>>> with LDAP. All I know is that some users managed to do it. But anyway >>>> if XWiki don't use the right port it's indeed the first thing to fix. >>> >>> >>> >>> indeed :-) >>> >>> frank >>> >>> >>>>> >>>>> frank >>>>> >>>>> >>>>> >>>>> >>>>> On 02/09/2016 01:31 PM, Frank Thommen wrote: >>>>>> >>>>>> >>>>>> >>>>>> Hi, >>>>>> >>>>>> our freshly configured XWiki (7.4, running open SUSE 13.1 with Tomcat >>>>>> 8.0.30) works fine through LDAP but fails as soon as we switch to >>>>>> ldaps. >>>>>> >>>>>> The current relevant settings for LDAP authentication in xwiki.cfg >>>>>> are: >>>>>> --------------- >>>>>> >>>>>> >>>>>> >>>>>> xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl >>>>>> xwiki.authentication.ldap=1 >>>>>> xwiki.authentication.ldap.server=OUR_LDAP_SERVER >>>>>> xwiki.authentication.ldap.port=389 >>>>>> xwiki.authentication.ldap.trylocal=1 >>>>>> xwiki.authentication.ldap.ssl=0 >>>>>> >>>>>> >>>>>> >>>>>> xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider >>>>>> xwiki.authentication.ldap.validate_password=0 >>>>>> xwiki.authentication.ldap.password_field=userPassword >>>>>> --------------- >>>>>> >>>>>> As soon as we change the settings to use SSL secured LDAP... >>>>>> --------------- >>>>>> xwiki.authentication.ldap.port=636 >>>>>> xwiki.authentication.ldap.ssl=1 >>>>>> --------------- >>>>>> >>>>>> ...authentication fails and we get the error message in catalina.out >>>>>> (debugging enabled according to >>>>>> >>>>>> >>>>>> >>>>>> http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLDAPdebuglog) >>>>>> that you can find at the end of this mail. Connecting with the >>>>>> standard >>>>>> LDAP tools (ldapsearch) via SSL works fine. >>>>>> >>>>>> However: We haven't configured a keystore, as we are not in possession >>>>>> ot the server's certificate. ldapsearch only connects correctly with >>>>>> TLS_REQCERT=never. Could that be the problem with XWiki, too? If >>>>>> yes, >>>>>> is there a way to configure XWiki to ignore the certificate >>>>>> completely? >>>>>> >>>>>> >>>>>> Cheers >>>>>> Frank >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> catalina.out messages related to one failed LDAP authentication >>>>>> =============================================================== >>>>>> >>>>>> [...] >>>>>> 2016-02-09 10:37:52,261 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE >>>>>> u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication >>>>>> 2016-02-09 10:37:52,262 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't >>>>>> try >>>>>> to authenticate, it probably means the user is in non logged mode. >>>>>> 2016-02-09 10:37:52,265 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE >>>>>> u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication >>>>>> 2016-02-09 10:37:52,333 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> c.x.x.p.l.XWikiLDAPConfig - ldap_group_classes: [groupofnames, >>>>>> groupwisedistributionlist, dynamicgroup, dynamicgroupaux, >>>>>> groupofuniquenames, posixgroup, apple-group, group] >>>>>> 2016-02-09 10:37:52,336 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> c.x.x.p.l.XWikiLDAPConfig - ldap_group_memberfields: [member, >>>>>> memberuid, uniquemember] >>>>>> 2016-02-09 10:37:52,355 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> c.x.x.p.l.XWikiLDAPConnection - Connecting to LDAP using SSL >>>>>> 2016-02-09 10:37:52,533 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> c.x.x.p.l.XWikiLDAPConnection - Connection to LDAP server >>>>>> [XXXX:389] >>>>>> >>>>>> 2016-02-09 10:37:52,567 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> c.x.x.p.l.XWikiLDAPConnection - Binding to LDAP server with >>>>>> credentials >>>>>> login=[XXXX] >>>>>> 2016-02-09 10:37:52,777 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> u.i.L.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed. >>>>>> com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5: >>>>>> LDAP >>>>>> bind failed with LDAPException. >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:196) >>>>>> ~[xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:122) >>>>>> ~[xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:306) >>>>>> [xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:182) >>>>>> [xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:129) >>>>>> [xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:272) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:192) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:174) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:239) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3565) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.xwiki.security.authorization.internal.XWikiCachingRightService.authenticateUser(XWikiCachingRightService.java:241) >>>>>> [xwiki-platform-security-bridge-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.xwiki.security.authorization.internal.XWikiCachingRightService.checkAccess(XWikiCachingRightService.java:271) >>>>>> [xwiki-platform-security-bridge-7.4.jar:na] >>>>>> at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3583) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4657) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:339) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:184) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425) >>>>>> [struts-core-1.3.10.jar:1.3.10] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228) >>>>>> [struts-core-1.3.10.jar:1.3.10] >>>>>> at >>>>>> >>>>>> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913) >>>>>> [struts-core-1.3.10.jar:1.3.10] >>>>>> at >>>>>> org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462) >>>>>> [struts-core-1.3.10.jar:1.3.10] >>>>>> at >>>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:648) >>>>>> [servlet-api.jar:na] >>>>>> at >>>>>> javax.servlet.http.HttpServlet.service(HttpServlet.java:729) >>>>>> [servlet-api.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:115) >>>>>> [xwiki-platform-legacy-oldcore-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127) >>>>>> [xwiki-platform-wysiwyg-server-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >>>>>> [tomcat-websocket.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63) >>>>>> [xwiki-platform-container-servlet-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:66) >>>>>> [xwiki-platform-webdav-server-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208) >>>>>> [xwiki-platform-container-servlet-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111) >>>>>> [xwiki-platform-container-servlet-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> org.xwiki.resource.servlet.RoutingFilter.doFilter(RoutingFilter.java:137) >>>>>> [xwiki-platform-resource-servlet-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:521) >>>>>> [catalina.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1096) >>>>>> [tomcat-coyote.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:674) >>>>>> [tomcat-coyote.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500) >>>>>> [tomcat-coyote.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456) >>>>>> [tomcat-coyote.jar:8.0.30] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) >>>>>> [na:1.7.0_95] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) >>>>>> [na:1.7.0_95] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) >>>>>> [tomcat-util.jar:8.0.30] >>>>>> at java.lang.Thread.run(Thread.java:745) [na:1.7.0_95] >>>>>> Caused by: com.novell.ldap.LDAPException: Connect Error >>>>>> at com.novell.ldap.Connection.writeMessage(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.Connection.writeMessage(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.Message.sendMessage(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.MessageAgent.sendMessage(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at >>>>>> com.novell.ldap.LDAPConnection.sendRequestToServer(Unknown >>>>>> Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.LDAPConnection.bind(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.LDAPConnection.bind(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.LDAPConnection.bind(Unknown Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.bind(XWikiLDAPConnection.java:230) >>>>>> ~[xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:192) >>>>>> ~[xwiki-platform-ldap-authenticator-7.4.jar:na] >>>>>> ... 63 common frames omitted >>>>>> Caused by: javax.net.ssl.SSLException: Connection has been shutdown: >>>>>> javax.net.ssl.SSLException: java.net.SocketException: Connection reset >>>>>> at >>>>>> sun.security.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1508) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1520) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.AppOutputStream.write(AppOutputStream.java:70) >>>>>> ~[na:1.7.0_95] >>>>>> ... 73 common frames omitted >>>>>> Caused by: javax.net.ssl.SSLException: java.net.SocketException: >>>>>> Connection reset >>>>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1916) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1874) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> >>>>>> sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1838) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> >>>>>> sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1783) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.AppInputStream.read(AppInputStream.java:113) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.AppInputStream.read(AppInputStream.java:69) >>>>>> ~[na:1.7.0_95] >>>>>> at com.novell.ldap.asn1.ASN1Identifier.<init>(Unknown >>>>>> Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> at com.novell.ldap.Connection$ReaderThread.run(Unknown >>>>>> Source) >>>>>> ~[jldap-4.3.jar:na] >>>>>> ... 1 common frames omitted >>>>>> Caused by: java.net.SocketException: Connection reset >>>>>> at >>>>>> java.net.SocketInputStream.read(SocketInputStream.java:196) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> java.net.SocketInputStream.read(SocketInputStream.java:122) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.InputRecord.readFully(InputRecord.java:442) >>>>>> ~[na:1.7.0_95] >>>>>> at sun.security.ssl.InputRecord.read(InputRecord.java:480) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:946) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> >>>>>> >>>>>> >>>>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:901) >>>>>> ~[na:1.7.0_95] >>>>>> at >>>>>> sun.security.ssl.AppInputStream.read(AppInputStream.java:102) >>>>>> ~[na:1.7.0_95] >>>>>> ... 4 common frames omitted >>>>>> 2016-02-09 10:37:52,786 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> u.i.L.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki >>>>>> DB >>>>>> 2016-02-09 10:37:52,870 >>>>>> [https://XXXX:8443/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG >>>>>> u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user >>>>>> [XXXX] >>>>>> [...] >>>>>> _______________________________________________ >>>>>> users mailing list >>>>>> users@xwiki.org >>>>>> http://lists.xwiki.org/mailman/listinfo/users >>>>>> >>>>> >>>>> -- >>>>> Frank Thommen | HD-HuB / DKFZ Heidelberg >>>>> | f.thom...@dkfz-heidelberg.de >>>>> | TP3: +49-6221-42-3562 (Mo+Di) >>>>> | IPMB: +49-6221-54-5823 (Mi-Do) >>>>> >>>>> >>>>> _______________________________________________ >>>>> users mailing list >>>>> users@xwiki.org >>>>> http://lists.xwiki.org/mailman/listinfo/users >>>> >>>> >>>> >>>> >>>> >>>> -- >>>> Thomas Mortagne >>>> _______________________________________________ >>>> users mailing list >>>> users@xwiki.org >>>> http://lists.xwiki.org/mailman/listinfo/users >>>> >>> >>> -- >>> Frank Thommen | HD-HuB / DKFZ Heidelberg >>> | f.thom...@dkfz-heidelberg.de >>> | +49-6221-54-5823 (Mo-Mi) >>> | +49-6221-42-3562 (Do-Fr) >>> >>> >>> >>> _______________________________________________ >>> users mailing list >>> users@xwiki.org >>> http://lists.xwiki.org/mailman/listinfo/users >> >> >> >> >> -- >> Thomas Mortagne >> _______________________________________________ >> users mailing list >> users@xwiki.org >> http://lists.xwiki.org/mailman/listinfo/users >> > > -- > Frank Thommen | HD-HuB / DKFZ Heidelberg > | f.thom...@dkfz-heidelberg.de > | +49-6221-54-5823 (Mo-Mi) > | +49-6221-42-3562 (Do-Fr) > > > > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users -- Thomas Mortagne _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
