AbsaOSS / enceladus

Dynamic Conformance Engine
Apache License 2.0

Investigate why LDAP Channel Binding breaks authentication #2220

Open benedeki opened 5 days ago

benedeki commented 5 days ago

Describe the bug

When LDAP Channel Binding is switched on on the server, it breaks authentication of Menas.

Expected behavior

LDAP Channel Binding setup does not break the application.

Screenshots

[WARN]  2024-09-10 20:04:48,754 [https-openssl-apr-8443-exec-1] za.co.absa.enceladus.menas.auth.MenasAuthenticationFailureHandler - Authentication exception
za.co.absa.enceladus.menas.auth.exceptions.BadLdapHostException: java.security.PrivilegedActionException: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090346: LdapErr: DSID-0C0905E4, comment: AcceptSecurityContext error, data 80090346, v3839^@]
[INFO]  2024-08-23 05:02:26,121 [main] org.springframework.ldap.core.support.AbstractContextSource - Property 'userDn' not set - anonymous context will be used for read-write operations
[INFO]  2024-08-23 05:29:07,914 [https-openssl-apr-8443-exec-8] org.springframework.ldap.core.support.AbstractContextSource - Property 'userDn' not set - anonymous context will be used for read-write operations

benedeki commented 5 days ago

From a quick search by @Zejnilovic:

https://bugs.openjdk.org/browse/JDK-8245527

https://github.com/spring-projects/spring-security/issues/8037