Gerrit - LDAP auth failed

690 views
Skip to first unread message

Richard

unread,
Dec 24, 2010, 6:02:38 PM12/24/10
to Repo and Gerrit Discussion
Hi,

I got error (javax.naming.ServiceUnavailableException) in log when I
tried LDAP authentication for Gerrit, but I could connect to the same
LDAP server using same user/password from same client machine.

I googled and could not find any post about Gerrit
+ServiceUnavailableException. Any idea?

=====================================================
[2010-12-24 17:50:19,544] ERROR
com.google.gerrit.server.auth.ldap.LdapRealm : Cannot query LDAP to
autenticate user
javax.naming.ServiceUnavailableException: openldapprd.corp.company.ca:
636; socket closed
at com.sun.jndi.ldap.Connection.readReply(Connection.java:419)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:340)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:
192)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at
com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at
com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at
com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:
136)
at
com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:
66)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:
667)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at
javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:
82)
at com.google.gerrit.server.auth.ldap.Helper.open(Helper.java:
86)

=====================================================
My config is:
=====================================================
[auth]
type = LDAP
[ldap]
server = ldap://openldapprd.corp.company.ca:636
username = cn=ssrprlookup,ou=shared-ldap,dc=company,dc=ca
accountBase = dc=company,dc=ca
groupBase = dc=company,dc=ca
[container]
javaOptions = -Djava.naming.referral=follow
=====================================================

Thanks,
Richard

Richard

unread,
Dec 24, 2010, 7:02:29 PM12/24/10
to Repo and Gerrit Discussion
Everything is fine. To anybody who has issue for LDAP authentication,
here is my working config (review_site/etc/gerrit.config).

=====================================================
[auth]
        type = LDAP
[ldap]
sslVerify = true
        server = ldaps://openldapprd.corp.company.ca:636
        username = cn=ssrprlookup,ou=shared-ldap,dc=company,dc=ca
        accountBase = dc=company,dc=ca
        groupBase = dc=company,dc=ca
[container]
javaOptions = -Djavax.net.ssl.trustStore=truststore-file-with-
full-path -Djavax.net.ssl.keyStoreType=jks
=====================================================
Reply all
Reply to author
Forward
0 new messages