Sometimes BRM does not allow to log-in with correct credentials while using LdapExtLoginModule for authentication through LDAP
Issue
- Sometimes, BRM (i.e. Guvnor) does not allow users to log-in, even with correct credentials. BRM is configured to use
LdapExtLoginModule
for authenticating users through LDAP . Looking at theserver.log
it throws the following exception during the time it attempts to authenticate the user. Is there a way to find out where the problem lies?
WARN [org.jboss.security.auth.spi.LdapExtLoginModule] (http-10.10.10.10-8080-3) javax.naming.CommunicationException: xx.yy:100 [Root exception is java.net.ConnectException: Connection timed out]
DEBUG [org.jboss.security.auth.spi.LdapExtLoginModule] (http-10.10.10.10-8080-3) Bad password for username=Test
javax.naming.CommunicationException: xx.yy:100 [Root exception is java.net.ConnectException: Connection timed out]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:209)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:116)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1582)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2678)
...
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at org.jboss.security.auth.spi.LdapExtLoginModule.constructInitialLdapContext(LdapExtLoginModule.java:675)
at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:448)
at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:332)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:271)
...
Caused by: java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213)
...
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:351)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:186)
...
TRACE [org.jboss.security.auth.spi.LdapExtLoginModule] (http-10.10.10.10-8080-3) abort
ERROR [org.drools.guvnor.server.security.SecurityServiceImpl] (http-10.10.10.10-8080-3) Unable to login.
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:274)
...
Caused by: javax.naming.CommunicationException: xx.yy:100 [Root exception is java.net.ConnectException: Connection timed out]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:209)
...
at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:332)
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:271)
... 51 more
Caused by: java.net.ConnectException: Connection timed out
at java.net.PlainSocketImpl.socketConnect(Native Method)
...
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:351)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:186)
...
Environment
- Red Hat JBoss BRMS (BRMS)
- 5.3.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.