DICE-UNC / DFC-CAS-overlay

DFC Standard CAS Overlay
Apache License 2.0

ad renci configuration #2

Open michael-conway opened 9 years ago

michael-conway commented 9 years ago

Configure the CAS overlay to authenticate against the RENCI Active Directory (AD).

michael-conway commented 9 years ago

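Error: the LDAP bind succeeds (`Authentication succeeded for dn: mconway@ad.renci.org`), but CAS then rejects the login with `sAMAccountName attribute not found for mconway`. The debug log follows. It also shows the AD CA certificate being trusted from `file:///tmp/renci_ad_ca.cert.pem`; a trust anchor should be read from a path that only the CAS service account can write.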


2015-10-26 14:47:33,433 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <Attempting LDAP authentication for mconway+password>
2015-10-26 14:47:33,433 DEBUG [org.ldaptive.auth.FormatDnResolver] - <Formatting DN for mconway with %s@ad.renci.org>
2015-10-26 14:47:33,433 DEBUG [org.ldaptive.auth.Authenticator] - <authenticate dn=mconway@ad.renci.org with request=[org.ldaptive.auth.AuthenticationRequest@1065370498::user=mconway, retAttrs=[1.1]]>
2015-10-26 14:47:33,433 DEBUG [org.ldaptive.auth.PooledBindAuthenticationHandler] - <authenticate criteria=[org.ldaptive.auth.AuthenticationCriteria@2110794847::dn=mconway@ad.renci.org, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@1065370498::user=mconway, retAttrs=[1.1]]]>
2015-10-26 14:47:33,434 DEBUG [org.ldaptive.BindOperation] - <execute request=[org.ldaptive.BindRequest@1846628736::bindDn=mconway@ad.renci.org, saslConfig=null, controls=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1447685118::config=[org.ldaptive.ConnectionConfig@399853141::ldapUrl=ldaps://ad.renci.org, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1223822646::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@613381098::trustCertificates=file:///tmp/renci_ad_ca.cert.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1199307530::metadata=[ldapUrl=ldaps://ad.renci.org, count=1], environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, java.naming.ldap.version=3}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@480145968::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.ConnectionStrategies$DefaultConnectionStrategy@42f14daa, controlProcessor=org.ldaptive.provider.ControlProcessor@38cbac20, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@665abbfd]>
2015-10-26 14:47:33,437 DEBUG [org.ldaptive.BindOperation] - <execute response=[org.ldaptive.Response@377445204::result=null, resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=null, messageId=-1] for request=[org.ldaptive.BindRequest@1846628736::bindDn=mconway@ad.renci.org, saslConfig=null, controls=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1447685118::config=[org.ldaptive.ConnectionConfig@399853141::ldapUrl=ldaps://ad.renci.org, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1223822646::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@613381098::trustCertificates=file:///tmp/renci_ad_ca.cert.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1199307530::metadata=[ldapUrl=ldaps://ad.renci.org, count=1], environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, java.naming.ldap.version=3}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@480145968::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.ConnectionStrategies$DefaultConnectionStrategy@42f14daa, controlProcessor=org.ldaptive.provider.ControlProcessor@38cbac20, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@665abbfd]>
2015-10-26 14:47:33,438 DEBUG [org.ldaptive.auth.PooledBindAuthenticationHandler] - <authenticate response=[org.ldaptive.auth.AuthenticationHandlerResponse@54850390::connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1447685118::config=[org.ldaptive.ConnectionConfig@399853141::ldapUrl=ldaps://ad.renci.org, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1223822646::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@613381098::trustCertificates=file:///tmp/renci_ad_ca.cert.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1199307530::metadata=[ldapUrl=ldaps://ad.renci.org, count=1], environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, java.naming.ldap.version=3}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@480145968::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.ConnectionStrategies$DefaultConnectionStrategy@42f14daa, controlProcessor=org.ldaptive.provider.ControlProcessor@38cbac20, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@665abbfd], result=true, resultCode=SUCCESS, message=null, controls=null] for criteria=[org.ldaptive.auth.AuthenticationCriteria@2110794847::dn=mconway@ad.renci.org, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@1065370498::user=mconway, retAttrs=[1.1]]]>
2015-10-26 14:47:33,438 DEBUG [org.jasig.cas.authentication.support.UpnSearchEntryResolver] - <resolve criteria=[org.ldaptive.auth.AuthenticationCriteria@2110794847::dn=mconway@ad.renci.org, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@1065370498::user=mconway, retAttrs=[1.1]]]>
2015-10-26 14:47:33,439 DEBUG [org.ldaptive.SearchOperation] - <execute request=[org.ldaptive.SearchRequest@-251565737::baseDn=ou=RENCI Users,dc=ad,dc=renci,dc=org, searchFilter=[org.ldaptive.SearchFilter@-1744711134::filter=userPrincipalName={0}, parameters={0=mconway@ad.renci.org}], returnAttributes=[1.1], searchScope=SUBTREE, timeLimit=0, sizeLimit=0, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=null, controls=null, followReferrals=false, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1447685118::config=[org.ldaptive.ConnectionConfig@399853141::ldapUrl=ldaps://ad.renci.org, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1223822646::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@613381098::trustCertificates=file:///tmp/renci_ad_ca.cert.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1199307530::metadata=[ldapUrl=ldaps://ad.renci.org, count=1], environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, java.naming.ldap.version=3}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@480145968::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.ConnectionStrategies$DefaultConnectionStrategy@42f14daa, controlProcessor=org.ldaptive.provider.ControlProcessor@38cbac20, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], 
sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@665abbfd]>
2015-10-26 14:47:33,441 DEBUG [org.ldaptive.SearchOperation] - <execute response=[org.ldaptive.Response@600020167::result=[org.ldaptive.SearchResult@4303153::entries=[], references=[]], resultCode=SUCCESS, message=null, matchedDn=null, responseControls=null, referralURLs=null, messageId=-1] for request=[org.ldaptive.SearchRequest@-251565737::baseDn=ou=RENCI Users,dc=ad,dc=renci,dc=org, searchFilter=[org.ldaptive.SearchFilter@-1744711134::filter=userPrincipalName={0}, parameters={0=mconway@ad.renci.org}], returnAttributes=[1.1], searchScope=SUBTREE, timeLimit=0, sizeLimit=0, derefAliases=null, typesOnly=false, binaryAttributes=null, sortBehavior=UNORDERED, searchEntryHandlers=null, searchReferenceHandlers=null, controls=null, followReferrals=false, intermediateResponseHandlers=null] with connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1447685118::config=[org.ldaptive.ConnectionConfig@399853141::ldapUrl=ldaps://ad.renci.org, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1223822646::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@613381098::trustCertificates=file:///tmp/renci_ad_ca.cert.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1199307530::metadata=[ldapUrl=ldaps://ad.renci.org, count=1], environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, java.naming.ldap.version=3}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@480145968::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.ConnectionStrategies$DefaultConnectionStrategy@42f14daa, 
controlProcessor=org.ldaptive.provider.ControlProcessor@38cbac20, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@665abbfd]>
2015-10-26 14:47:33,441 DEBUG [org.jasig.cas.authentication.support.UpnSearchEntryResolver] - <resolved result=[org.ldaptive.SearchResult@4303153::entries=[], references=[]] for criteria=[org.ldaptive.auth.AuthenticationCriteria@2110794847::dn=mconway@ad.renci.org, authenticationRequest=[org.ldaptive.auth.AuthenticationRequest@1065370498::user=mconway, retAttrs=[1.1]]]>
2015-10-26 14:47:33,441 INFO [org.ldaptive.auth.Authenticator] - <Authentication succeeded for dn: mconway@ad.renci.org>
2015-10-26 14:47:33,442 DEBUG [org.ldaptive.auth.Authenticator] - <authenticate response=[org.ldaptive.auth.AuthenticationHandlerResponse@54850390::connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@1447685118::config=[org.ldaptive.ConnectionConfig@399853141::ldapUrl=ldaps://ad.renci.org, connectTimeout=3000, responseTimeout=-1, sslConfig=[org.ldaptive.ssl.SslConfig@1223822646::credentialConfig=[org.ldaptive.ssl.X509CredentialConfig@613381098::trustCertificates=file:///tmp/renci_ad_ca.cert.pem, authenticationCertificate=null, authenticationKey=null], trustManagers=null, enabledCipherSuites=null, enabledProtocols=null, handshakeCompletedListeners=null], useSSL=false, useStartTLS=false, connectionInitializer=null], providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@1199307530::metadata=[ldapUrl=ldaps://ad.renci.org, count=1], environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.factory.socket=org.ldaptive.ssl.ThreadLocalTLSSocketFactory, java.naming.ldap.version=3}, providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@480145968::operationExceptionResultCodes=[PROTOCOL_ERROR, SERVER_DOWN], properties={}, connectionStrategy=org.ldaptive.provider.ConnectionStrategies$DefaultConnectionStrategy@42f14daa, controlProcessor=org.ldaptive.provider.ControlProcessor@38cbac20, environment=null, tracePackets=null, removeDnUrls=true, searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null]], providerConnection=org.ldaptive.provider.jndi.JndiConnection@665abbfd], result=true, resultCode=SUCCESS, message=null, controls=null] for dn=mconway@ad.renci.org with request=[org.ldaptive.auth.AuthenticationRequest@1065370498::user=mconway, retAttrs=[1.1]]>
2015-10-26 14:47:33,442 DEBUG [org.jasig.cas.authentication.LdapAuthenticationHandler] - <LDAP response: [org.ldaptive.auth.AuthenticationResponse@2103224104::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, ldapEntry=[dn=mconway@ad.renci.org[]], accountState=null, result=true, resultCode=SUCCESS, message=null, controls=null]>
2015-10-26 14:47:33,442 INFO [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler failed authenticating mconway+password>
2015-10-26 14:47:33,442 DEBUG [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - <LdapAuthenticationHandler exception details: sAMAccountName attribute not found for mconway>
2015-10-26 14:47:33,443 DEBUG [org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver] - <Resolving argument [UsernamePasswordCredential] for audit>
2015-10-26 14:47:33,443 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Mon Oct 26 14:47:33 EDT 2015|CAS|supplied credentials: [mconway+password]|AUTHENTICATION_FAILED|mconway+password|152.54.4.36|dfc-test-cas2.edc.renci.org>
2015-10-26 14:47:33,443 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Mon Oct 26 14:47:33 EDT 2015|CAS|supplied credentials: [mconway+password]|AUTHENTICATION_FAILED|mconway+password|152.54.4.36|dfc-test-cas2.edc.renci.org>
2015-10-26 14:47:33,444 DEBUG [org.jasig.cas.audit.spi.TicketOrCredentialPrincipalResolver] - <Resolving argument [UsernamePasswordCredential] for audit>
2015-10-26 14:47:33,444 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Mon Oct 26 14:47:33 EDT 2015|CAS|1 errors, 0 successes|TICKET_GRANTING_TICKET_NOT_CREATED|mconway+password|152.54.4.36|dfc-test-cas2.edc.renci.org>
2015-10-26 14:47:33,444 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Mon Oct 26 14:47:33 EDT 2015|CAS|1 errors, 0 successes|TICKET_GRANTING_TICKET_NOT_CREATED|mconway+password|152.54.4.36|dfc-test-cas2.edc.renci.org>
michael-conway commented 9 years ago

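Note the response

ldapEntry=[dn=mconway@ad.renci.org[]]

The entry carries no attributes: the `userPrincipalName` search under `ou=RENCI Users,dc=ad,dc=renci,dc=org` returned `entries=[]`, and the request asked for `retAttrs=[1.1]` (no attributes), so presumably there is no `sAMAccountName` value for the handler to read. This response appears in the log above and is processed here: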

https://github.com/DICE-UNC/cas/blob/master/cas-server-support-ldap/src/main/java/org/jasig/cas/authentication/LdapAuthenticationHandler.java#L178-L183