-
Bug
-
Resolution: Fixed
-
Major
-
None
-
Platform: All, OS: SunOS
If one of domain contollers is not available (or there is a wrong entry in SRV
records in DNS), and Hudson receives such name from DNS, it tries to bind to
LDAP with this one domain controller only and does not even try to fall back to
other domain controllers listed in SRV records.
Expected behavior: When UnknownHostException (or CommunicationException) is
caught, retry binding with another domain controller listed in SRV records.
Below is a stack trace from console when this problem happens. Note that
<domain> is just a placeholder for a real domain name.
Also there is a typo: "and could not authenticat against any" should read "and
could not authenticate against any"
Aug 19, 2009 1:50:08 PM
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
retrieveUser
WARNING: Failed to bind to LDAP
javax.naming.CommunicationException: zhk25dsdc11.<domain>.:389 [Root exception
is java.net.UnknownHostException: zhk25dsdc11.<domain>.]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:207)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1580)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at
com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:134)
at
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:102)
at
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:73)
at
org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119)
at
org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
at
org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
at
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
at
hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at
hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at
hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
at
hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:155)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
at
winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.net.UnknownHostException: zhk25dsdc11.<domain>.
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:177)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:518)
at java.net.Socket.connect(Socket.java:468)
at java.net.Socket.<init>(Socket.java:365)
at java.net.Socket.<init>(Socket.java:179)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:349)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:184)
... 27 more
Aug 19, 2009 1:50:08 PM
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
retrieveUser
WARNING: Credential exception tying to authenticate against <domain> domain
org.acegisecurity.BadCredentialsException: Either no such user 'akm022@<domain>'
or incorrect password; nested exception is javax.naming.CommunicationException:
zhk25dsdc11.<domain>.:389 [Root exception is java.net.UnknownHostException:
zhk25dsdc11.<domain>.]
at
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:107)
at
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:73)
at
org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119)
at
org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
at
org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
at
org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
at
org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
at
hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
at
hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at
hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
at
hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at
hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:155)
at winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
at winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
at
winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.naming.CommunicationException: zhk25dsdc11.<domain>.:389 [Root
exception is java.net.UnknownHostException: zhk25dsdc11.<domain>.]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:207)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1580)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2616)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at
com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:134)
at
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:102)
... 20 more
Caused by: java.net.UnknownHostException: zhk25dsdc11.<domain>.
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:177)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:518)
at java.net.Socket.connect(Socket.java:468)
at java.net.Socket.<init>(Socket.java:365)
at java.net.Socket.<init>(Socket.java:179)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:349)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:184)
... 27 more
Aug 19, 2009 1:50:08 PM
hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider
retrieveUser
WARNING: Exhausted all configured domains and could not authenticat against any.
Aug 19, 2009 1:50:08 PM hudson.security.AuthenticationProcessingFilter2
onUnsuccessfulAuthentication
INFO: Login attempt failed