Hello Suvendu,
May I ask you to share your JNDIRealm configuration?
For me something like this works:
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldaps://my.users.directory.com:636"
connectionName="CN=MY_BINDING_USER,OU=Users,OU=Organic
Units,DC=cern,DC=ch"
connectionPassword="PASSWORD"
userBase="OU=Users,OU=Organic Units,DC=cern,DC=ch"
userSubtree="false"
userPattern="cn={0},OU=Users,OU=Organic Units,DC=cern,DC=ch"
roleBase="OU=BASE_ORGANIZATION_UNIT_FOR_MY_GROUPS,OU=Workgroups,DC=cern,DC=ch"
roleSubtree="1"
roleName="cn"
roleSearch="(&(member={0})(objectclass=group))"
/>
Hope it helps,
Luis
2018-04-05 15:32 GMT+02:00 Suvendu Sekhar Mondal <[email protected]>:
> Hello Everyone,
>
> Recently in one of our environments I am seeing following log in
> Catalina.out. It seems that LDAP connection is failing. This issue is
> sporadic and goes away with Tomcat recycle.
>
> One interesting thing is "localhost:389" part. I could not find out
> any configuration related to that. It could happen that I am not
> looking at the correct place.
>
> We have 200+ JVMs out there which were starting up simultaneously but
> this happens for some of them sporadically. I suspect that some race
> condition might be causing this failure but could not found any
> evidence so far. Can someone please suggest how can I identify what is
> failing? and why it is failing?
>
> Thanks!
> Suvendu
>
> Stack trace:
> 2018-04-02 20:34:27,293 INFO org.apache.catalina.startup.HostConfig -
> Deploying web application directory D:\xxx\webapps\ROOT
> 2018-04-02 20:34:33,341 SEVERE org.apache.catalina.realm.CombinedRealm
> - Failed to start "org.apache.catalina.realm.JNDIRealm/1.0" realm
> org.apache.catalina.LifecycleException: Failed to start component
> [Realm[JNDIRealm]]
> at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:154)
> at org.apache.catalina.realm.CombinedRealm.startInternal(
> CombinedRealm.java:201)
> at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
> at org.apache.catalina.core.StandardContext.startInternal(
> StandardContext.java:5373)
> at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
> at org.apache.catalina.core.ContainerBase.addChildInternal(
> ContainerBase.java:901)
> at org.apache.catalina.core.ContainerBase.addChild(
> ContainerBase.java:877)
> at org.apache.catalina.core.StandardHost.addChild(
> StandardHost.java:649)
> at org.apache.catalina.startup.HostConfig.deployDirectory(
> HostConfig.java:1247)
> at org.apache.catalina.startup.HostConfig$DeployDirectory.
> run(HostConfig.java:1898)
> at java.util.concurrent.Executors$RunnableAdapter.
> call(Executors.java:511)
> at java.util.concurrent.FutureTask.run(FutureTask.java:266)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(
> ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(
> ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.apache.catalina.LifecycleException: Exception opening
> directory server connection
> at org.apache.catalina.realm.JNDIRealm.startInternal(
> JNDIRealm.java:2191)
> at org.apache.catalina.util.LifecycleBase.start(
> LifecycleBase.java:150)
> ... 14 more
> Caused by: javax.naming.CommunicationException: localhost:389 [Root
> exception is java.net.ConnectException: Connection refused: connect]
> at com.sun.jndi.ldap.Connection.<init>(Connection.java:216)
> at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
> at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
> at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(
> LdapCtxFactory.java:70)
> at javax.naming.spi.NamingManager.getInitialContext(
> NamingManager.java:684)
> at javax.naming.InitialContext.getDefaultInitCtx(
> InitialContext.java:313)
> at javax.naming.InitialContext.init(InitialContext.java:244)
> at javax.naming.InitialContext.<init>(InitialContext.java:216)
> at javax.naming.directory.InitialDirContext.<init>(
> InitialDirContext.java:101)
> at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:2108)
> at org.apache.catalina.realm.JNDIRealm.startInternal(
> JNDIRealm.java:2189)
> ... 15 more
> Caused by: java.net.ConnectException: Connection refused: connect
> at java.net.TwoStacksPlainSocketImpl.socketConnect(Native Method)
> at java.net.AbstractPlainSocketImpl.doConnect(
> AbstractPlainSocketImpl.java:350)
> at java.net.AbstractPlainSocketImpl.connectToAddress(
> AbstractPlainSocketImpl.java:206)
> at java.net.AbstractPlainSocketImpl.connect(
> AbstractPlainSocketImpl.java:188)
> at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
> at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
> at java.net.Socket.connect(Socket.java:589)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at com.sun.jndi.ldap.Connection.createSocket(Connection.java:350)
> at com.sun.jndi.ldap.Connection.<init>(Connection.java:203)
> ... 27 more
>
> 2018-04-02 20:34:35,059 INFO org.apache.catalina.startup.HostConfig -
> Deployment of web application directory D:\xxx\webapps\ROOT has
> finished in 7,766 ms
> 2018-04-02 20:34:35,075 INFO
> org.apache.coyote.http11.Http11AprProtocol - Starting ProtocolHandler
> ["http-apr-18110"]
> 2018-04-02 20:34:35,091 INFO org.apache.coyote.ajp.AjpAprProtocol -
> Starting ProtocolHandler ["ajp-apr-18111"]
> 2018-04-02 20:34:35,091 INFO org.apache.catalina.startup.Catalina -
> Server startup in 235096 ms
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
>
>
--
"Ever tried. Ever failed. No matter. Try Again. Fail again. Fail better."
- Samuel Beckett
