On Thu, Jun 22, 2017 at 9:18 AM, David Hübner <d.huebne...@gmail.com> wrote:
> Fast forward to authentication. There is a timeout when reading the LDAP
> response. So essentially there never is a response. See the log below for
> this part:
>
> 2017-06-22 15:07:13,564 DEBUG [org.ldaptive.SearchOperation] - <execute
> request=[org.ldaptive.SearchRequest@1990922963::baseDn=dc=example,dc=org,
> searchFilter=[org.ldaptive.SearchFilter@538592870::filter=uid={user},
> parameters={context=null, user=t.benutzer}], returnAttributes=[1.1],
> searchScope=SUBTREE, timeLimit=PT0S, sizeLimit=0, derefAliases=null,
> typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED,
> searchEntryHandlers=null, searchReferenceHandlers=null, controls=null,
> referralHandler=null, intermediateResponseHandlers=null] with
> connection=[org.ldaptive.DefaultConnectionFactory$DefaultCon
> nection@1341165364::config=[org.ldaptive.ConnectionConfig@
> 1707652548::ldapUrl=ldap://openldap-1.daasi.prj:3890,
> connectTimeout=PT5S, responseTimeout=PT5S, sslConfig=[org.ldaptive.ssl.Ss
> lConfig@215657008::credentialConfig=null, trustManagers=null,
> enabledCipherSuites=null, enabledProtocols=null,
> handshakeCompletedListeners=null], useSSL=false, useStartTLS=false,
> connectionInitializer=[org.ldaptive.BindConnectionInitializer@983570221
> ::bindDn=cn=manager,dc=example,dc=org, bindSaslConfig=null,
> bindControls=null], connectionStrategy=org.ldaptiv
> e.DefaultConnectionStrategy@36e4c967], providerConnectionFactory=[org
> .ldaptive.provider.jndi.JndiConnectionFactory@1968431256::
> metadata=[ldapUrl=ldap://openldap-1.daasi.prj:3890, count=1],
> environment={com.sun.jndi.ldap.connect.timeout=5000,
> java.naming.ldap.version=3, java.naming.factory.initial=co
> m.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.read.timeout=5000},
> classLoader=null, providerConfig=[org.ldaptive.p
> rovider.jndi.JndiProviderConfig@1701617828::operationExceptionResultCodes=[PROTOCOL_ERROR,
> SERVER_DOWN], properties={}, controlProcessor=org.ldaptive.
> provider.ControlProcessor@622e959f, environment=null, tracePackets=null,
> removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED,
> SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], classLoader=null,
> sslSocketFactory=null, hostnameVerifier=null]],
> providerConnection=org.ldaptive.provider.jndi.JndiConnection@296c3fc1]>
> 2017-06-22 15:07:18,748 DEBUG
> [org.ldaptive.provider.jndi.NamingExceptionUtils]
> - <naming exception class javax.naming.NamingException is ambiguous, maps
> to multiple result codes: [OPERATIONS_ERROR, ALIAS_PROBLEM,
> ALIAS_DEREFERENCING_PROBLEM, LOOP_DETECT, AFFECTS_MULTIPLE_DSAS, OTHER]>
> 2017-06-22 15:07:18,760 ERROR [org.apereo.cas.authentication
> .PolicyBasedAuthenticationManager] - <[LdapAuthenticationHandler]:
> [Unexpected LDAP error] (Details: [javax.naming.NamingException: LDAP
> response read timed out, timeout used:5000ms.; remaining name
> 'dc=example,dc=org'])>
> 2017-06-22 15:07:18,761 WARN [org.apereo.cas.authentication
> .PolicyBasedAuthenticationManager] - <Authentication has failed.
> Credentials may be incorrect or CAS cannot find authentication handler that
> supports [t.benutzer] of type [UsernamePasswordCredential], which suggests
> a configuration problem.>
>
>
What does your pooling configuration look like?
--Daniel Fisher
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAFC6YwSRiODiTw6%3DvyftVaG3ft2txp3UFhFPp17ucDtFzYf-9A%40mail.gmail.com.
