-
Task
-
Resolution: Unresolved
-
Major
-
Windows Server 2003
I'm trying to use Active directory plugin to authenticate in Jenkins, but it's not working with the following log message:
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: SoftDev_GLOBAL is a member of CN=SoftDev_GLOBAL,CN=Users,DC=novacard,DC=local
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: InternetProxy is a member of CN=InternetProxy,CN=Users,DC=novacard,DC=local
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINER: Looking up group of
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: Stage 2: looking up via memberOf
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: Users
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: Remote Desktop Users
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: CERTSVC_DCOM_ACCESS
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: Projects_ISO 9001_R
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: SoftDev Local
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: SoftDev_GLOBAL
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: Domain Users
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local is a member of cn: InternetProxy
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINER: Looking up group of CN=v_okunev,OU=ODIPP,OU=all_users,DC=novacard,DC=local
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: Found user v_okunev :
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
FINE: Failed to find v_okunev in userPrincipalName. Trying sAMAccountName
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: Bound to ncfs.novacard.local:3268
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: Binding as v_okunev@novacard.local to ldap://ncfs.novacard.local:3268/
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: Failed to start TLS. Authentication will be done via plain-text LDAP
javax.naming.CommunicationException: Remote host closed connection during handshake [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake]
at com.sun.jndi.ldap.LdapCtx.extendedOperation(Unknown Source)
at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DesciprotrImpl.bind(ActiveDirectorySecurityRealm.java:413)
at hudson.plugins.active_directory.ActiveDirectorySecurityRealm$DesciprotrImpl.bind(ActiveDirectorySecurityRealm.java:357)
at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:245)
at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:190)
at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:134)
at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119)
at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:63)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:50)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:194)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:366)
at winstone.RequestDispatcher.forward(RequestDispatcher.java:331)
at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:215)
at winstone.RequestHandlerThread.run(RequestHandlerThread.java:138)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at com.sun.jndi.ldap.LdapClient.extendedOp(Unknown Source)
... 39 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
... 47 more
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: Connecting to ldap://ncfs.novacard.local:3268/
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: _gc._tcp.novacard.local resolved to [ncfs.novacard.local:3268]
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: SRV record found: 0 100 3268 ncfs.novacard.local.
Sep 7, 2012 3:47:23 PM hudson.plugins.active_directory.ActiveDirectorySecurityRealm
FINE: Attempting to resolve _gc._tcp.novacard.local to SRV record
Server with LDAP do not use SSL. What should I do in that way?