-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
Platform: All, OS: All
I have Hudson 1.255 running in tomcat 6.0. Security is enabled in Hudson using
Hudson's integrated LDAP authentication feature.
Everything works fine for awhile and as long as I am active on the site.
However, if I close the browser (firefox 3.0.3) and subsequently attempt to
access the site after several hours of inactivity I consistently run into the
following problem:
Oct 17, 2008 10:46:03 PM hudson.security.LDAPSecurityRealm$1 loadUserByUsername
WARNING: Failed to search LDAP for username=someuser
org.acegisecurity.ldap.LdapDataAccessException:
LdapCallback;directory.mycompany.com:389; socket closed; nested exception is
javax.naming.ServiceUnavailableException: directory.mycompany.com:389; socket
closed; remaining name ''
at
org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
at
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
at
hudson.security.LDAPSecurityRealm$1.loadUserByUsername(LDAPSecurityRealm.java:187)
at
hudson.security.UserDetailsServiceProxy.loadUserByUsername(UserDetailsServiceProxy.java:21)
at
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loadUserDetails(TokenBasedRememberMeServices.java:308)
at
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.autoLogin(TokenBasedRememberMeServices.java:218)
at
hudson.security.RememberMeServicesProxy.autoLogin(RememberMeServicesProxy.java:30)
at
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:104)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
at
org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at
hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:42)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:55)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:44)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:85)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:394)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:190)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:767)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:697)
at
org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:889)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:690)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.naming.ServiceUnavailableException:
directory.mycompany.com:389; socket closed; remaining name ''
at com.sun.jndi.ldap.Connection.readReply(Connection.java:410)
at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:611)
at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:534)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1944)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1806)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1748)
at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:394)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:376)
at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:249)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
... 35 more
Any suggestions? Is there a place where I can configure this problem away?
[JENKINS-2489] ldap authentication problem in tomcat
jonathan_w_brown
created issue -
when 1.289 (or newer) comes out can you retest (set a small/nonzero session
timeout for quicker testing) and let us know if this is still an issue, or can
we close it? thanks!
| Resolution | New: Postponed [ 6 ] | |
| Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Andrea Barbieri
added a comment - Hello,
the problem is still present in Hudson 1.299, Tomcat 6.0.18 with a timeout value
of 5.
15-Apr-2009 18:43:56 hudson.security.LDAPSecurityRealm$1 loadUserByUsername
WARNING: Failed to search LDAP for username=anotherUser
org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;null; nested
exception is javax.naming.PartialResultException [Root exception is
javax.naming.ServiceUnavailableException: MYCOMPANY.COM:389; socket closed [Root
exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference;
remaining name '']; remaining name '']
at
org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
at
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
at
hudson.security.LDAPSecurityRealm$1.loadUserByUsername(LDAPSecurityRealm.java:348)
at
hudson.security.LDAPSecurityRealm$MailAdressResolverImpl.findMailAddressFor(LDAPSecurityRealm.java:396)
at hudson.tasks.MailAddressResolver.resolve(MailAddressResolver.java:87)
at hudson.tasks.Mailer$UserProperty.getAddress(Mailer.java:429)
at
hudson.plugins.emailext.ExtendedEmailPublisher.createMail(ExtendedEmailPublisher.java:303)
at
hudson.plugins.emailext.ExtendedEmailPublisher.sendMail(ExtendedEmailPublisher.java:249)
at
hudson.plugins.emailext.ExtendedEmailPublisher._perform(ExtendedEmailPublisher.java:241)
at
hudson.plugins.emailext.ExtendedEmailPublisher.perform(ExtendedEmailPublisher.java:199)
at
hudson.model.AbstractBuild$AbstractRunner.performAllBuildStep(AbstractBuild.java:372)
at
hudson.model.AbstractBuild$AbstractRunner.performAllBuildStep(AbstractBuild.java:360)
at hudson.model.Build$RunnerImpl.cleanUp(Build.java:188)
at hudson.model.Run.run(Run.java:962)
at hudson.model.Build.run(Build.java:112)
at hudson.model.ResourceController.execute(ResourceController.java:93)
at hudson.model.Executor.run(Executor.java:119)
many thanks.
Andrea Barbieri
added a comment - Hello,
the problem is still present in Hudson 1.299, Tomcat 6.0.18 with a timeout value
of 5.
15-Apr-2009 18:43:56 hudson.security.LDAPSecurityRealm$1 loadUserByUsername
WARNING: Failed to search LDAP for username=anotherUser
org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;null; nested
exception is javax.naming.PartialResultException [Root exception is
javax.naming.ServiceUnavailableException: MYCOMPANY.COM:389; socket closed [Root
exception is com.sun.jndi.ldap.LdapReferralException: Continuation Reference;
remaining name '']; remaining name '']
at
org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
at
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
at
hudson.security.LDAPSecurityRealm$1.loadUserByUsername(LDAPSecurityRealm.java:348)
at
hudson.security.LDAPSecurityRealm$MailAdressResolverImpl.findMailAddressFor(LDAPSecurityRealm.java:396)
at hudson.tasks.MailAddressResolver.resolve(MailAddressResolver.java:87)
at hudson.tasks.Mailer$UserProperty.getAddress(Mailer.java:429)
at
hudson.plugins.emailext.ExtendedEmailPublisher.createMail(ExtendedEmailPublisher.java:303)
at
hudson.plugins.emailext.ExtendedEmailPublisher.sendMail(ExtendedEmailPublisher.java:249)
at
hudson.plugins.emailext.ExtendedEmailPublisher._perform(ExtendedEmailPublisher.java:241)
at
hudson.plugins.emailext.ExtendedEmailPublisher.perform(ExtendedEmailPublisher.java:199)
at
hudson.model.AbstractBuild$AbstractRunner.performAllBuildStep(AbstractBuild.java:372)
at
hudson.model.AbstractBuild$AbstractRunner.performAllBuildStep(AbstractBuild.java:360)
at hudson.model.Build$RunnerImpl.cleanUp(Build.java:188)
at hudson.model.Run.run(Run.java:962)
at hudson.model.Build.run(Build.java:112)
at hudson.model.ResourceController.execute(ResourceController.java:93)
at hudson.model.Executor.run(Executor.java:119)
many thanks. Andrea Barbieri
made changes -
| Resolution | Original: Postponed [ 6 ] | |
| Status | Original: Resolved [ 5 ] | New: Reopened [ 4 ] |
Andrea Barbieri
added a comment - any further possibility to have this issue being looked at?
with Hudson v1.311, tomcat 6.0.20 (with or without tcnative support) this is the
error entry generated in catalina log file:
20-Jun-2009 10:52:18 hudson.security.LDAPSecurityRealm$1 loadUserByUsername
WARNING: Failed to search LDAP for username=example
org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;null; nested
exception is javax.naming.PartialResultException [Root exception is
javax.naming.CommunicationException: EXAMPLE.COM:389 [Root exception is
java.net.ConnectException: Connection timed out: connect]]
at
org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
at
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
at
hudson.security.LDAPSecurityRealm$1.loadUserByUsername(LDAPSecurityRealm.java:348)
at
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loadUserDetails(TokenBasedRememberMeServices.java:308)
at
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.autoLogin(TokenBasedRememberMeServices.java:218)
at
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:104)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at
hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:155)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.jstripe.tomcat.probe.Tomcat55AgentValve.invoke(Tomcat55AgentValve.java:20)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.naming.PartialResultException [Root exception is
javax.naming.CommunicationException: EXAMPLE.COM:389 [Root exception is
java.net.ConnectException: Connection timed out: connect]]
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(Unknown Source)
at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:257)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
... 32 more
Caused by: javax.naming.CommunicationException: EXAMPLE.COM:389 [Root exception
is java.net.ConnectException: Connection timed out: connect]
at com.sun.jndi.ldap.LdapReferralContext.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapReferralException.getReferralContext(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
... 38 more
Caused by: java.net.ConnectException: Connection timed out: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at com.sun.jndi.ldap.Connection.createSocket(Unknown Source)
at com.sun.jndi.ldap.Connection.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(Unknown Source)
at com.sun.jndi.ldap.pool.Connections.getOrCreateConnection(Unknown Source)
at com.sun.jndi.ldap.pool.Connections.get(Unknown Source)
at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Unknown Source)
at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(Unknown Source)
at com.sun.jndi.ldap.LdapClient.getInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(Unknown Source)
at javax.naming.spi.NamingManager.getURLObject(Unknown Source)
at javax.naming.spi.NamingManager.processURL(Unknown Source)
at javax.naming.spi.NamingManager.processURLAddrs(Unknown Source)
at javax.naming.spi.NamingManager.getObjectInstance(Unknown Source)
... 41 more
when I perform on the server hosting Tomcat and Hudson the exact same query (as
configured in Hudson config.xml) using ldapsearch the outcome is a valid
response from the LDAP service.
not clear why though the error log is reporting EXAMPLE.COM:389 (i.e. using the
rootDN) rather than the actual host address specified in the config settings.
Andrea Barbieri
added a comment - any further possibility to have this issue being looked at?
with Hudson v1.311, tomcat 6.0.20 (with or without tcnative support) this is the
error entry generated in catalina log file:
20-Jun-2009 10:52:18 hudson.security.LDAPSecurityRealm$1 loadUserByUsername
WARNING: Failed to search LDAP for username=example
org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;null; nested
exception is javax.naming.PartialResultException [Root exception is
javax.naming.CommunicationException: EXAMPLE.COM:389 [Root exception is
java.net.ConnectException: Connection timed out: connect]]
at
org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
at
org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
at
hudson.security.LDAPSecurityRealm$1.loadUserByUsername(LDAPSecurityRealm.java:348)
at
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.loadUserDetails(TokenBasedRememberMeServices.java:308)
at
org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices.autoLogin(TokenBasedRememberMeServices.java:218)
at
org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:104)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at
hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:155)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.jstripe.tomcat.probe.Tomcat55AgentValve.invoke(Tomcat55AgentValve.java:20)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.naming.PartialResultException [Root exception is
javax.naming.CommunicationException: EXAMPLE.COM:389 [Root exception is
java.net.ConnectException: Connection timed out: connect]]
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(Unknown Source)
at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:257)
at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
... 32 more
Caused by: javax.naming.CommunicationException: EXAMPLE.COM:389 [Root exception
is java.net.ConnectException: Connection timed out: connect]
at com.sun.jndi.ldap.LdapReferralContext.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapReferralException.getReferralContext(Unknown Source)
at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreReferrals(Unknown Source)
... 38 more
Caused by: java.net.ConnectException: Connection timed out: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(Unknown Source)
at java.net.PlainSocketImpl.connectToAddress(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at java.net.Socket.<init>(Unknown Source)
at com.sun.jndi.ldap.Connection.createSocket(Unknown Source)
at com.sun.jndi.ldap.Connection.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(Unknown Source)
at com.sun.jndi.ldap.pool.Connections.getOrCreateConnection(Unknown Source)
at com.sun.jndi.ldap.pool.Connections.get(Unknown Source)
at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Unknown Source)
at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(Unknown Source)
at com.sun.jndi.ldap.LdapClient.getInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.url.ldap.ldapURLContextFactory.getObjectInstance(Unknown Source)
at javax.naming.spi.NamingManager.getURLObject(Unknown Source)
at javax.naming.spi.NamingManager.processURL(Unknown Source)
at javax.naming.spi.NamingManager.processURLAddrs(Unknown Source)
at javax.naming.spi.NamingManager.getObjectInstance(Unknown Source)
... 41 more
when I perform on the server hosting Tomcat and Hudson the exact same query (as
configured in Hudson config.xml) using ldapsearch the outcome is a valid
response from the LDAP service.
not clear why though the error log is reporting EXAMPLE.COM:389 (i.e. using the
rootDN) rather than the actual host address specified in the config settings. can you describe in more detail the exact steps you perform to see this problem?
I gather that you login just fine, then let your tomcat session expire, then
visit any hudson page again? Hudson is now trying to login a new session with
the "remember-me" cookie, and you get this exception? Are you in fact logged in
now, even though the exception occurred, or did it fail and you are a guest? If
you try to login now are you able to? Or are you not able to see any pages now
because the exception occurs every time?
I didn't follow your EXAMPLE.COM vs config settings thing.. what are your LDAP
settings in Hudson?
I changed the configuration in tomcat and I am no longer seeing the problem.
Probably not a solution, but it does seem to be a workaround.
The key was setting the session-timeout to 0.