Bug
Resolution: Unresolved
Major
None
Debian wheezy
Jenkins version 1.466, run as java -jar jenkins.war, using Apache 2.2.22 as web server
After configuring my LDAP:
<securityRealm class="hudson.security.LDAPSecurityRealm">
<server>ldap://our.server.com</server>
<rootDN>OU=people,DC=company,DC=com</rootDN>
<inhibitInferRootDN>false</inhibitInferRootDN>
<userSearchBase></userSearchBase>
<userSearch>mail=
</userSearch>
<groupSearchBase>OU=people,DC=company,DC=com</groupSearchBase>
<managerDN>CN=manager,DC=company,DC=com</managerDN>
<managerPassword>X3NjaWxhYl8=</managerPassword>
</securityRealm>
We try to log in, and always get error 32:
May 31, 2012 4:59:38 PM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication
INFO: Login attempt failed
org.acegisecurity.AuthenticationServiceException: LdapCallback;[LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'mail=simon@company.com'; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'mail=simon@company.com'
at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238)
at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119)
at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215)
at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)
Caused by: org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'mail=simon@company.com'
at org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
at org.acegisecurity.ldap.LdapTemplate.retrieveEntry(LdapTemplate.java:165)
at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.bindWithDn(BindAuthenticator.java:87)
at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.authenticate(BindAuthenticator.java:72)
at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2.authenticate(BindAuthenticator2.java:49)
at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:233)
... 30 more
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'mail=simon@company.com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3112)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1332)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:231)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:139)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:127)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
at org.acegisecurity.ldap.LdapTemplate$2.doInDirContext(LdapTemplate.java:168)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
... 35 more
My credentials are correct (I get a Bad Credentials log if I change them). ngrep on port 389 on the LDAP server gives me this feedback:
T jenkins.server.ip:45607 -> ldap.server.ip:389 [AP]
0T...cO..OU=people,DC=company,DC=com................ ..mail..simon@company.com0.
#
T ldap.server.ip:389 -> jenkins.server.ip:45607 [AP]
0..>...d..7.8mail=simon@company.com,ou=people,dc=company,dc=com0...0"..mail1...simon@company.com0...cn1...Simon MYNAME0...sn1...MYNAME0...displayName1...Simon MYNAME0!..uid1...
simon@company.com0...title1...M.0...telephoneNumber1...UN
#
T ldap.server.ip:389 -> jenkins.server.ip:45607 [AP]
0....e........
#####
T jenkins.server.ip:45715 -> ldap.server.ip:389 [AP]
0N...`I....8mail=simon@company.com,OU=people,DC=company,DC=com..clearpassword
##
T ldap.server.ip:389 -> jenkins.server.ip:45715 [AP]
0....a........
##
T jenkins.server.ip:45715 -> ldap.server.ip:389 [AP]
0]...cX.8mail=simon@company.com,OU=people,DC=company,DC=com.................objectClass0.
#
T ldap.server.ip:389 -> jenkins.server.ip:45715 [AP]
0....e... ....
#
T jenkins.server.ip:45715 -> ldap.server.ip:389 [AP]
0....B.
The first lines tell me that the info about the user is retrieved (hence my manager DN is correct, its password too, and the root DN is good too, isn't it?)
My second guess would be that the password is wrong, but since it's written in the clear, I can read it and it's correct.
So... is this a misconfiguration on my part, or is this indeed a bug?