Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-54015

ldap authentication problem

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Component/s: ldap-plugin
    • Labels:
      None
    • Environment:
      LDAP Plugin 1.20
    • Similar Issues:

      Description

      Everything works fine for awhile and as long as I am active on the site.
      However, if I close the browser and subsequently attempt to
      access the site after several hours of inactivity I consistently run into the
      following problem.

       

      Oct 11, 2018 8:14:38 AM hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager authenticate
      WARNING: Failed communication with ldap server.
      org.acegisecurity.AuthenticationServiceException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238)
      	at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
      	at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
      	at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
      	at hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager.authenticate(LDAPSecurityRealm.java:997)
      	at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:56)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.Server.handle(Server.java:531)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
      	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
      	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
      	at winstone.BoundedExecutorService.lambda$scheduleNext$0(BoundedExecutorService.java:80)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
      	at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
      	at org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.authenticate(BindAuthenticator.java:71)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2.authenticate(BindAuthenticator2.java:49)
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:233)
      	... 49 more
      Caused by: javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at com.sun.jndi.ldap.Connection.readReply(Connection.java:454)
      	at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:638)
      	at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:561)
      	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
      	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
      	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
      	at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:249)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
      	... 54 moreOct 11, 2018 8:14:38 AM hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager authenticate
      WARNING: Failed communication with ldap server.
      org.acegisecurity.AuthenticationServiceException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238)
      	at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
      	at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
      	at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
      	at hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager.authenticate(LDAPSecurityRealm.java:997)
      	at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:56)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.Server.handle(Server.java:531)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
      	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
      	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
      	at winstone.BoundedExecutorService.lambda$scheduleNext$0(BoundedExecutorService.java:80)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
      	at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
      	at org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.authenticate(BindAuthenticator.java:71)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2.authenticate(BindAuthenticator2.java:49)
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:233)
      	... 49 more
      Caused by: javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at com.sun.jndi.ldap.Connection.readReply(Connection.java:454)
      	at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:638)
      	at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:561)
      	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
      	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
      	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
      	at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:249)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
      	... 54 moreOct 11, 2018 8:14:39 AM hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager authenticate
      WARNING: Failed communication with ldap server.
      org.acegisecurity.AuthenticationServiceException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238)
      	at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
      	at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
      	at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
      	at hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager.authenticate(LDAPSecurityRealm.java:997)
      	at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:56)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.Server.handle(Server.java:531)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
      	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
      	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
      	at winstone.BoundedExecutorService.lambda$scheduleNext$0(BoundedExecutorService.java:80)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
      	at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
      	at org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.authenticate(BindAuthenticator.java:71)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2.authenticate(BindAuthenticator2.java:49)
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:233)
      	... 49 more
      Caused by: javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at com.sun.jndi.ldap.Connection.readReply(Connection.java:454)
      	at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:638)	at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:561)
      	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
      	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
      	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
      	at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:249)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
      	... 54 moreOct 11, 2018 8:14:39 AM hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager authenticate
      WARNING: Failed communication with ldap server.
      org.acegisecurity.AuthenticationServiceException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238)
      	at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
      	at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:200)
      	at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:47)
      	at hudson.security.LDAPSecurityRealm$LDAPAuthenticationManager.authenticate(LDAPSecurityRealm.java:997)
      	at jenkins.security.BasicHeaderRealPasswordAuthenticator.authenticate(BasicHeaderRealPasswordAuthenticator.java:56)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:79)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1642)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1317)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1219)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.Server.handle(Server.java:531)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
      	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)
      	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)
      	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)
      	at winstone.BoundedExecutorService.lambda$scheduleNext$0(BoundedExecutorService.java:80)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at java.lang.Thread.run(Thread.java:748)
      Caused by: org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;ks-account-ae.kubesphere-system.svc:389; socket closed; nested exception is javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at org.acegisecurity.ldap.LdapTemplate$LdapExceptionTranslator.translate(LdapTemplate.java:295)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:128)
      	at org.acegisecurity.ldap.LdapTemplate.searchForSingleEntry(LdapTemplate.java:246)
      	at org.acegisecurity.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:119)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator.authenticate(BindAuthenticator.java:71)
      	at org.acegisecurity.providers.ldap.authenticator.BindAuthenticator2.authenticate(BindAuthenticator2.java:49)
      	at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:233)
      	... 49 more
      Caused by: javax.naming.ServiceUnavailableException: ks-account-ae.kubesphere-system.svc:389; socket closed; remaining name 'ou=Users'
      	at com.sun.jndi.ldap.Connection.readReply(Connection.java:454)
      	at com.sun.jndi.ldap.LdapClient.getSearchReply(LdapClient.java:638)
      	at com.sun.jndi.ldap.LdapClient.search(LdapClient.java:561)
      	at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1985)
      	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1844)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
      	at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
      	at org.acegisecurity.ldap.LdapTemplate$3.doInDirContext(LdapTemplate.java:249)
      	at org.acegisecurity.ldap.LdapTemplate.execute(LdapTemplate.java:126)
      	... 54 more
      

        Attachments

          Issue Links

            Activity

            Hide
            runzexia runze xia added a comment - - edited
            Show
            runzexia runze xia added a comment - - edited http://forum.spring.io/forum/spring-projects/data/ldap/96508-ldap-authentication-intermittent-socket-closed-error I think this is a problem with the dependencies of the ldap plugin.

              People

              • Assignee:
                Unassigned
                Reporter:
                runzexia runze xia
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: