Skip to Content.
Sympa Menu

shibboleth-dev - Re: [Shib-Dev] derefAliases broken in 2.2.x

Subject: Shibboleth Developers

List archive

Re: [Shib-Dev] derefAliases broken in 2.2.x


Chronological Thread 
  • From: Dan McLaughlin <>
  • To:
  • Subject: Re: [Shib-Dev] derefAliases broken in 2.2.x
  • Date: Wed, 8 Jun 2011 22:15:02 -0500

Found the issue with IBM DS; it was a typo in the jaas config. IBM DS
and 3.3.3 are working again, but I'm not using aliases in IBM DS
either.

--

Thanks,

Dan McLaughlin

NOTICE: This e-mail message and all attachments transmitted with it
are for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is strictly prohibited. The contents of
this e-mail are confidential and may be subject to work product
privileges. If you are not the intended recipient, please contact the
sender by reply e-mail and destroy all copies of the original message.



On Wed, Jun 8, 2011 at 10:04 PM, Dan McLaughlin
<>
wrote:
> BTW... I haven't started to look at them yet, but my upgrades to IdP
> 2.3.0 using IBM Directory Server and MS Active Directory are also
> failing after moving to 2.3.0.   In both cases I'm getting errors
> related to the bind user credentials being wrong, but I know they
> aren't b/c moving back to the 3.3.2 vt jar makes things work again.
>
> --
>
> Thanks,
>
> Dan McLaughlin
>
> NOTICE: This e-mail message and all attachments transmitted with it
> are for the sole use of the intended recipient(s) and may contain
> confidential and privileged information. Any unauthorized review, use,
> disclosure or distribution is strictly prohibited. The contents of
> this e-mail are confidential and may be subject to work product
> privileges. If you are not the intended recipient, please contact the
> sender by reply e-mail and destroy all copies of the original message.
>
>
>
>
> On Wed, Jun 8, 2011 at 8:56 PM, Daniel Fisher
> <>
> wrote:
>> Hmmm....ok now now use the same jaas config with vt-ldap 3.3.2.
>> Thanks for indulging me on all these tests.
>>
>> --Daniel Fisher
>>
>> On Wed, Jun 8, 2011 at 9:41 PM, Dan McLaughlin
>> <>
>> wrote:
>>> 20:35:36.857 - TRACE
>>> [edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter:108]
>>> - Attempting to retrieve IdP session cookie.
>>> 20:35:36.858 - DEBUG
>>> [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:153]
>>> - Attempting to authenticate user jdoe-c
>>> 20:35:36.858 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:144]
>>> - Begin initialize
>>> 20:35:36.858 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:180]
>>> - useFirstPass = false
>>> 20:35:36.858 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:181]
>>> - tryFirstPass = false
>>> 20:35:36.858 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:182]
>>> - storePass = false
>>> 20:35:36.859 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:183]
>>> - clearPass = false
>>> 20:35:36.859 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:184]
>>> - setLdapPrincipal = true
>>> 20:35:36.859 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:185]
>>> - setLdapDnPrincipal = false
>>> 20:35:36.859 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:186]
>>> - setLdapCredential = true
>>> 20:35:36.859 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:187]
>>> - defaultRole = []
>>> 20:35:36.859 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:188]
>>> - principalGroupName = null
>>> 20:35:36.860 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:189]
>>> - roleGroupName = null
>>> 20:35:36.860 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:77]
>>> - userRoleAttribute = []
>>> 20:35:36.860 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1385] - setting
>>> searchScope: ONELEVEL
>>> 20:35:36.861 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1683] - setting
>>> searchResultsHandlers:
>>> [edu.vt.middleware.ldap.handler.FqdnSearchResultHandler@74f334]
>>> 20:35:36.861 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:427] - setting
>>> subtreeSearch: true
>>> 20:35:36.861 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1385] - setting
>>> searchScope: SUBTREE
>>> 20:35:36.861 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1370] - setting
>>> baseDn: T=MAYBASEDN
>>> 20:35:36.862 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1834] - setting ssl:
>>> true
>>> 20:35:36.862 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1168] - setting
>>> ldapUrl: ldap://ldap01:636
>>> 20:35:36.862 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:1651] - setting
>>> derefAliases: never
>>> 20:35:36.862 - TRACE
>>> [edu.vt.middleware.ldap.auth.AuthenticatorConfig:290] - setting
>>> userFilter: (&(cn={0})(objectclass=person))
>>> 20:35:36.862 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:83]
>>> - Created authenticator:
>>> edu.vt.middleware.ldap.auth.AuthenticatorConfig@718554::env={java.naming.provider.url=ldap://ldap01:636,
>>> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
>>> java.naming.ldap.derefAliases=never,
>>> java.naming.security.protocol=ssl}
>>> 20:35:36.863 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:412]
>>> - Begin getCredentials
>>> 20:35:36.863 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:413]
>>> -   useFistPass = false
>>> 20:35:36.863 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:414]
>>> -   tryFistPass = false
>>> 20:35:36.863 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:415]
>>> -   useCallback = false
>>> 20:35:36.863 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:416]
>>> -   callbackhandler class =
>>> javax.security.auth.login.LoginContext$SecureCallbackHandler
>>> 20:35:36.863 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:419]
>>> -   name callback class = javax.security.auth.callback.NameCallback
>>> 20:35:36.864 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:421]
>>> -   password callback class =
>>> javax.security.auth.callback.PasswordCallback
>>> 20:35:36.864 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:102] - Looking up DN
>>> using userFilter
>>> 20:35:36.864 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:193] - Search with the
>>> following parameters:
>>> 20:35:36.864 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:194] -   dn =
>>> T=MAYBASEDN
>>> 20:35:36.864 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:195] -   filter =
>>> (&(cn={0})(objectclass=person))
>>> 20:35:36.865 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:196] -   filterArgs =
>>> [jdoe-c]
>>> 20:35:36.865 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:197] -   searchControls
>>> =
>>> javax.naming.directory.SearchControls@1d47ef4
>>> 20:35:36.865 - DEBUG
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:198] -   handler =
>>> [edu.vt.middleware.ldap.handler.FqdnSearchResultHandler@74f334]
>>> 20:35:36.865 - TRACE
>>> [edu.vt.middleware.ldap.auth.SearchDnResolver:200] -   config =
>>> {java.naming.provider.url=ldap://ldap01:636,
>>> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
>>> java.naming.ldap.derefAliases=never,
>>> java.naming.security.protocol=ssl}
>>> 20:35:36.865 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:93] - setting
>>> connectionStrategy: DEFAULT
>>> 20:35:36.865 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:110] -
>>> setting connectionRetryExceptions: [class
>>> javax.naming.NamingException]
>>> 20:35:36.866 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:152] - {0}
>>> Attempting connection to ldap://ldap01:636 for strategy DEFAULT
>>> 20:35:36.866 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:73] - Bind
>>> with the following parameters:
>>> 20:35:36.866 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:74] -
>>> authtype = simple
>>> 20:35:36.866 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:75] -   dn =
>>> null
>>> 20:35:36.866 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:82] -
>>> credential = <suppressed>
>>> 20:35:36.867 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:86] -   env =
>>> {java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
>>> java.naming.provider.url=ldap://ldap01:636,
>>> java.naming.ldap.derefAliases=never,
>>> java.naming.security.protocol=ssl}
>>> 20:35:37.120 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:93] - setting
>>> connectionStrategy: DEFAULT
>>> 20:35:37.121 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:110] -
>>> setting connectionRetryExceptions: [class
>>> javax.naming.NamingException]
>>> 20:35:37.121 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:152] - {1}
>>> Attempting connection to ldap://ldap01:636 for strategy DEFAULT
>>> 20:35:37.121 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:73] - Bind
>>> with the following parameters:
>>> 20:35:37.122 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:74] -
>>> authtype = simple
>>> 20:35:37.122 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:75] -   dn =
>>> ldap:
>>> 20:35:37.122 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:82] -
>>> credential = <suppressed>
>>> 20:35:37.122 - TRACE
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:86] -   env =
>>> {java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
>>> java.naming.provider.url=ldap://ldap01:636,
>>> java.naming.ldap.derefAliases=never,
>>> java.naming.security.protocol=ssl}
>>>
>>> 20:35:37.339 - DEBUG
>>> [edu.vt.middleware.ldap.handler.DefaultConnectionHandler:163] - Error
>>> connecting to LDAP URL: ldap://ldap01:636
>>> javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN
>>> Syntax]
>>>        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2982)
>>> ~[na:1.6.0_24]
>>>        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
>>> ~[na:1.6.0_24]
>>>        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
>>> ~[na:1.6.0_24]
>>>        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
>>> ~[na:1.6.0_24]
>>>        at javax.naming.InitialContext.init(InitialContext.java:223)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
>>> ~[na:1.6.0_24]
>>>        at
>>> edu.vt.middleware.ldap.handler.DefaultConnectionHandler.connectInternal(DefaultConnectionHandler.java:102)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.handler.AbstractConnectionHandler.connect(AbstractConnectionHandler.java:156)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.handler.BindAuthenticationHandler.authenticate(BindAuthenticationHandler.java:53)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.AbstractAuthenticator.authenticateAndAuthorize(AbstractAuthenticator.java:174)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:74)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.Authenticator.authenticate(Authenticator.java:320)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.Authenticator.authenticate(Authenticator.java:277)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:60)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.jaas.LdapLoginModule.login(LdapLoginModule.java:103)
>>> [vt-ldap-3.3.3.jar:na]
>>>        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> ~[na:1.6.0_24]
>>>        at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>> ~[na:1.6.0_24]
>>>        at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>> ~[na:1.6.0_24]
>>>        at java.lang.reflect.Method.invoke(Method.java:597) ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>> [na:1.6.0_24]
>>>        at java.security.AccessController.doPrivileged(Native Method)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>> [na:1.6.0_24]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.authenticateUser(UsernamePasswordLoginServlet.java:160)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.service(UsernamePasswordLoginServlet.java:106)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>> [servlet-api.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.util.NoCacheFilter.doFilter(NoCacheFilter.java:49)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter.doFilter(IdPSessionFilter.java:80)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.common.log.SLF4JMDCCleanupFilter.doFilter(SLF4JMDCCleanupFilter.java:51)
>>> [shibboleth-common-1.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>> [catalina.jar:6.0.32]
>>>        at
>>> com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
>>> [tomcat60adaptor-2.2.1.jar:2.2.1]
>>>        at
>>> org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:227)
>>> [catalina-ha.jar:6.0.32]
>>>        at
>>> org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:347)
>>> [catalina-ha.jar:6.0.32]
>>>        at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:647)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:429)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at
>>> org.apache.coyote.ajp.AjpAprProtocol$AjpConnectionHandler.process(AjpAprProtocol.java:384)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at
>>> org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1665)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at java.lang.Thread.run(Thread.java:662) [na:1.6.0_24]
>>> 20:35:37.340 - DEBUG [edu.vt.middleware.ldap.jaas.LdapLoginModule:164]
>>> - Error occured attempting authentication
>>> javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN
>>> Syntax]
>>>        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2982)
>>> ~[na:1.6.0_24]
>>>        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
>>> ~[na:1.6.0_24]
>>>        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
>>> ~[na:1.6.0_24]
>>>        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
>>> ~[na:1.6.0_24]
>>>        at
>>> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
>>> ~[na:1.6.0_24]
>>>        at javax.naming.InitialContext.init(InitialContext.java:223)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
>>> ~[na:1.6.0_24]
>>>        at
>>> edu.vt.middleware.ldap.handler.DefaultConnectionHandler.connectInternal(DefaultConnectionHandler.java:102)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.handler.AbstractConnectionHandler.connect(AbstractConnectionHandler.java:156)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.handler.BindAuthenticationHandler.authenticate(BindAuthenticationHandler.java:53)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.AbstractAuthenticator.authenticateAndAuthorize(AbstractAuthenticator.java:174)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:74)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.Authenticator.authenticate(Authenticator.java:320)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.auth.Authenticator.authenticate(Authenticator.java:277)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:60)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at
>>> edu.vt.middleware.ldap.jaas.LdapLoginModule.login(LdapLoginModule.java:103)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> ~[na:1.6.0_24]
>>>        at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>> ~[na:1.6.0_24]
>>>        at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>> ~[na:1.6.0_24]
>>>        at java.lang.reflect.Method.invoke(Method.java:597) ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>> [na:1.6.0_24]
>>>        at java.security.AccessController.doPrivileged(Native Method)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>> [na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>> [na:1.6.0_24]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.authenticateUser(UsernamePasswordLoginServlet.java:160)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.service(UsernamePasswordLoginServlet.java:106)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>> [servlet-api.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.util.NoCacheFilter.doFilter(NoCacheFilter.java:49)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter.doFilter(IdPSessionFilter.java:80)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.common.log.SLF4JMDCCleanupFilter.doFilter(SLF4JMDCCleanupFilter.java:51)
>>> [shibboleth-common-1.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>> [catalina.jar:6.0.32]
>>>        at
>>> com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
>>> [tomcat60adaptor-2.2.1.jar:2.2.1]
>>>        at
>>> org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:227)
>>> [catalina-ha.jar:6.0.32]
>>>        at
>>> org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:347)
>>> [catalina-ha.jar:6.0.32]
>>>        at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:647)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:429)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at
>>> org.apache.coyote.ajp.AjpAprProtocol$AjpConnectionHandler.process(AjpAprProtocol.java:384)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at
>>> org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1665)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at java.lang.Thread.run(Thread.java:662) [na:1.6.0_24]
>>> 20:35:37.341 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:264]
>>> - Begin abort
>>> 20:35:37.342 - DEBUG
>>> [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:176]
>>> - User authentication for jdoe-c failed
>>> javax.security.auth.login.LoginException: [LDAP: error code 34 -
>>> Invalid DN Syntax]
>>>        at
>>> edu.vt.middleware.ldap.jaas.LdapLoginModule.login(LdapLoginModule.java:167)
>>> ~[vt-ldap-3.3.3.jar:na]
>>>        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> ~[na:1.6.0_24]
>>>        at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>> ~[na:1.6.0_24]
>>>        at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>> ~[na:1.6.0_24]
>>>        at java.lang.reflect.Method.invoke(Method.java:597) ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>> ~[na:1.6.0_24]
>>>        at java.security.AccessController.doPrivileged(Native Method)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>> ~[na:1.6.0_24]
>>>        at
>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>> ~[na:1.6.0_24]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.authenticateUser(UsernamePasswordLoginServlet.java:160)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.service(UsernamePasswordLoginServlet.java:106)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>> [servlet-api.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.util.NoCacheFilter.doFilter(NoCacheFilter.java:49)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter.doFilter(IdPSessionFilter.java:80)
>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> edu.internet2.middleware.shibboleth.common.log.SLF4JMDCCleanupFilter.doFilter(SLF4JMDCCleanupFilter.java:51)
>>> [shibboleth-common-1.3.0.jar:na]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>> [catalina.jar:6.0.32]
>>>        at
>>> com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
>>> [tomcat60adaptor-2.2.1.jar:2.2.1]
>>>        at
>>> org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:227)
>>> [catalina-ha.jar:6.0.32]
>>>        at
>>> org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:347)
>>> [catalina-ha.jar:6.0.32]
>>>        at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:647)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
>>> [catalina.jar:6.0.32]
>>>        at
>>> org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:429)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at
>>> org.apache.coyote.ajp.AjpAprProtocol$AjpConnectionHandler.process(AjpAprProtocol.java:384)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at
>>> org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1665)
>>> [tomcat-coyote.jar:6.0.32]
>>>        at java.lang.Thread.run(Thread.java:662) [na:1.6.0_24]
>>> 20:35:37.344 - TRACE
>>> [edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:332] -
>>> Looking up LoginContext with key c9f9399e-104b-4ede-a584-e22b60591e5d
>>> from StorageService parition: loginContexts
>>> 20:35:37.344 - TRACE
>>> [edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:338] -
>>> Retrieved LoginContext with key c9f9399e-104b-4ede-a584-e22b60591e5d
>>> from StorageService parition: loginContexts
>>> 20:35:37.344 - DEBUG
>>> [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:133]
>>> - Redirecting to login page /login.jsp
>>>
>>>
>>> --
>>>
>>> Thanks,
>>>
>>> Dan McLaughlin
>>>
>>>
>>> NOTICE: This e-mail message and all attachments transmitted with it
>>> are for the sole use of the intended recipient(s) and may contain
>>> confidential and privileged information. Any unauthorized review, use,
>>> disclosure or distribution is strictly prohibited. The contents of
>>> this e-mail are confidential and may be subject to work product
>>> privileges. If you are not the intended recipient, please contact the
>>> sender by reply e-mail and destroy all copies of the original message.
>>>
>>>
>>>
>>>
>>> On Wed, Jun 8, 2011 at 8:21 PM, Daniel Fisher
>>> <>
>>> wrote:
>>>> Try adding this to your jaas config:
>>>>
>>>> searchResultHandlers="edu.vt.middleware.ldap.handler.FqdnSearchResultHandler{{removeUrls=false}}"
>>>>
>>>> and then post your logs.
>>>>
>>>> --Daniel Fisher
>>>>
>>>> On Wed, Jun 8, 2011 at 8:31 PM, Dan McLaughlin
>>>> <>
>>>> wrote:
>>>>> After enabling DEBUG for shibboleth I'm seeing another exception that
>>>>> only shows up if DEBUG logging is enabled...  I've been stepping
>>>>> through the code with a debugger and I keep seeing it loop through
>>>>> readCompositeName multiple times returning the string "ldap:" for name
>>>>> (line 109) over and over again.  This code is all new to me, so I'm
>>>>> still trying to make since of what's going on.  Does any of this make
>>>>> since to you?
>>>>>
>>>>> 19:19:30.237 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:264]
>>>>> - Begin abort
>>>>> 19:19:30.301 - DEBUG
>>>>> [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:176]
>>>>> - User authentication for joe-c failed
>>>>> javax.security.auth.login.LoginException:
>>>>> java.lang.IllegalArgumentException
>>>>>        at java.net.URI.create(URI.java:842)
>>>>>        at
>>>>> edu.vt.middleware.ldap.handler.FqdnSearchResultHandler.processDn(FqdnSearchResultHandler.java:80)
>>>>>        at
>>>>> edu.vt.middleware.ldap.handler.CopySearchResultHandler.processResult(CopySearchResultHandler.java:64)
>>>>>        at
>>>>> edu.vt.middleware.ldap.handler.CopySearchResultHandler.processResult(CopySearchResultHandler.java:27)
>>>>>        at
>>>>> edu.vt.middleware.ldap.handler.AbstractResultHandler.process(AbstractResultHandler.java:84)
>>>>>        at
>>>>> edu.vt.middleware.ldap.AbstractLdap.search(AbstractLdap.java:231)
>>>>>        at
>>>>> edu.vt.middleware.ldap.auth.SearchDnResolver.resolve(SearchDnResolver.java:139)
>>>>>        at
>>>>> edu.vt.middleware.ldap.auth.Authenticator.getDn(Authenticator.java:106)
>>>>>        at
>>>>> edu.vt.middleware.ldap.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:74)
>>>>>        at
>>>>> edu.vt.middleware.ldap.auth.Authenticator.authenticate(Authenticator.java:320)
>>>>>        at
>>>>> edu.vt.middleware.ldap.auth.Authenticator.authenticate(Authenticator.java:277)
>>>>>        at
>>>>> edu.vt.middleware.ldap.jaas.JaasAuthenticator.authenticate(JaasAuthenticator.java:60)
>>>>>        at
>>>>> edu.vt.middleware.ldap.jaas.LdapLoginModule.login(LdapLoginModule.java:103)
>>>>>        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>>        at
>>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>>>>>        at
>>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>>>>>        at java.lang.reflect.Method.invoke(Method.java:597)
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>>>>        at
>>>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>>>>        at java.security.AccessController.doPrivileged(Native Method)
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.authenticateUser(UsernamePasswordLoginServlet.java:160)
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.service(UsernamePasswordLoginServlet.java:106)
>>>>>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.util.NoCacheFilter.doFilter(NoCacheFilter.java:49)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter.doFilter(IdPSessionFilter.java:80)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.common.log.SLF4JMDCCleanupFilter.doFilter(SLF4JMDCCleanupFilter.java:51)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>>        at
>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
>>>>>        at
>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>>>>>        at
>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>>>>        at
>>>>> com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
>>>>>        at
>>>>> org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:227)
>>>>>        at
>>>>> org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:347)
>>>>>        at
>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>>>>        at
>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>>>>        at
>>>>> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:647)
>>>>>        at
>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
>>>>>        at
>>>>> org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:429)
>>>>>        at
>>>>> org.apache.coyote.ajp.AjpAprProtocol$AjpConnectionHandler.process(AjpAprProtocol.java:384)
>>>>>        at
>>>>> org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1665)
>>>>>        at java.lang.Thread.run(Thread.java:662)
>>>>> Caused by: java.net.URISyntaxException: Expected scheme-specific part
>>>>> at index 5: ldap:
>>>>>        at java.net.URI$Parser.fail(URI.java:2809)
>>>>>        at java.net.URI$Parser.failExpecting(URI.java:2815)
>>>>>        at java.net.URI$Parser.parse(URI.java:3018)
>>>>>        at java.net.URI.<init>(URI.java:578)
>>>>>        at java.net.URI.create(URI.java:840)
>>>>>        ... 50 more
>>>>>
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:872)
>>>>> ~[na:1.6.0_24]
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
>>>>> ~[na:1.6.0_24]
>>>>>        at
>>>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
>>>>> ~[na:1.6.0_24]
>>>>>        at java.security.AccessController.doPrivileged(Native Method)
>>>>> ~[na:1.6.0_24]
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>>>> ~[na:1.6.0_24]
>>>>>        at
>>>>> javax.security.auth.login.LoginContext.login(LoginContext.java:579)
>>>>> ~[na:1.6.0_24]
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.authenticateUser(UsernamePasswordLoginServlet.java:160)
>>>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet.service(UsernamePasswordLoginServlet.java:106)
>>>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>>>        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>>>>> [servlet-api.jar:na]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.util.NoCacheFilter.doFilter(NoCacheFilter.java:49)
>>>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.idp.session.IdPSessionFilter.doFilter(IdPSessionFilter.java:80)
>>>>> [shibboleth-identityprovider-2.3.0.jar:na]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> edu.internet2.middleware.shibboleth.common.log.SLF4JMDCCleanupFilter.doFilter(SLF4JMDCCleanupFilter.java:51)
>>>>> [shibboleth-common-1.3.0.jar:na]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> com.googlecode.psiprobe.Tomcat60AgentValve.invoke(Tomcat60AgentValve.java:30)
>>>>> [tomcat60adaptor-2.2.1.jar:2.2.1]
>>>>>        at
>>>>> org.apache.catalina.ha.session.JvmRouteBinderValve.invoke(JvmRouteBinderValve.java:227)
>>>>> [catalina-ha.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.ha.tcp.ReplicationValve.invoke(ReplicationValve.java:347)
>>>>> [catalina-ha.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:647)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
>>>>> [catalina.jar:6.0.32]
>>>>>        at
>>>>> org.apache.coyote.ajp.AjpAprProcessor.process(AjpAprProcessor.java:429)
>>>>> [tomcat-coyote.jar:6.0.32]
>>>>>        at
>>>>> org.apache.coyote.ajp.AjpAprProtocol$AjpConnectionHandler.process(AjpAprProtocol.java:384)
>>>>> [tomcat-coyote.jar:6.0.32]
>>>>>        at
>>>>> org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1665)
>>>>> [tomcat-coyote.jar:6.0.32]
>>>>>        at java.lang.Thread.run(Thread.java:662) [na:1.6.0_24]
>>>>> 19:19:30.302 - TRACE
>>>>> [edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:332] -
>>>>> Looking up LoginContext with key 31608d9c-762f-4830-a836-2555b6e24cc9
>>>>> from StorageService parition: loginContexts
>>>>> 19:19:30.302 - TRACE
>>>>> [edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper:338] -
>>>>> Retrieved LoginContext with key 31608d9c-762f-4830-a836-2555b6e24cc9
>>>>> from StorageService parition: loginContexts
>>>>> 19:19:30.303 - DEBUG
>>>>> [edu.internet2.middleware.shibboleth.idp.authn.provider.UsernamePasswordLoginServlet:133]
>>>>> - Redirecting to login page /login.jsp
>>>>> 19:21:45.381 - TRACE [edu.vt.middleware.ldap.jaas.LdapLoginModule:264]
>>>>> - Begin abort
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Dan McLaughlin
>>>>>
>>>>> NOTICE: This e-mail message and all attachments transmitted with it
>>>>> are for the sole use of the intended recipient(s) and may contain
>>>>> confidential and privileged information. Any unauthorized review, use,
>>>>> disclosure or distribution is strictly prohibited. The contents of
>>>>> this e-mail are confidential and may be subject to work product
>>>>> privileges. If you are not the intended recipient, please contact the
>>>>> sender by reply e-mail and destroy all copies of the original message.
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Jun 8, 2011 at 5:41 PM, Dan McLaughlin
>>>>> <>
>>>>> wrote:
>>>>>> You are correct that FqdnSearchResultHandler.java should have nothing
>>>>>> to do with the credential exception. Unless there is an exception
>>>>>> being swallowed somewhere.  My theory until I have a second to step
>>>>>> through it with the debugger is that there is some other exception
>>>>>> that occurs in FqdnSearchResultHandler.java when it is trying to read
>>>>>> the composite name that is eating an exception and things eventually
>>>>>> bubble up as a missing credential exception.
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>> Dan McLaughlin
>>>>>>
>>>>>>
>>>>>> NOTICE: This e-mail message and all attachments transmitted with it
>>>>>> are for the sole use of the intended recipient(s) and may contain
>>>>>> confidential and privileged information. Any unauthorized review, use,
>>>>>> disclosure or distribution is strictly prohibited. The contents of
>>>>>> this e-mail are confidential and may be subject to work product
>>>>>> privileges. If you are not the intended recipient, please contact the
>>>>>> sender by reply e-mail and destroy all copies of the original message.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, Jun 8, 2011 at 11:11 AM, Daniel Fisher
>>>>>> <>
>>>>>> wrote:
>>>>>>> On Wed, Jun 8, 2011 at 2:07 AM, Dan McLaughlin
>>>>>>> <>
>>>>>>> wrote:
>>>>>>>> Hi Daniel,
>>>>>>>>
>>>>>>>> What allowed me to get past the invalid credential error in vt-ldap
>>>>>>>> 3.3.3 was to revert...
>>>>>>>>
>>>>>>>
>>>>>>> This change has nothing to do with the credential (password). If
>>>>>>> you're seeing that error the password is either null or empty.
>>>>>>>
>>>>>>>> "1877   4/5/11 9:42 AM  4       dfisher SearchResult#getName()
>>>>>>>> returns a string
>>>>>>>> representing a composite name, not necessarily an LDAP DN. Use a
>>>>>>>> CompositeName to parse it correctly. Add test case for entries with
>>>>>>>> special characters. Fixes vt-ldap 109."
>>>>>>>>
>>>>>>>> There was a problem parsing the fqdn url and then things died from
>>>>>>>> there...  I didn't spend too much time trying to figure out why b/c I
>>>>>>>> have to get IdP 2.3.0 up and running by the morning.
>>>>>>>
>>>>>>> Died how? Was there an exception? Post the trace log and I'll try to
>>>>>>> decipher it.
>>>>>>>
>>>>>>> --Daniel Fisher
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>



Archive powered by MHonArc 2.6.16.

Top of Page