Hi all..
My environment is Rundeck server 1.6.2 installed with rpm on RHEL6u4 against OpenLDAP 2.4.
I'm trying to authenticate Rundeck against my LDAP.
This is my jaas-ldap.conf:
ldap {
    com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule sufficient
    debug="true"
    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
    providerUrl="ldap://XXX.YYY.ZZ:389"
    bindDn="cn=binduser,dc=XXXX,dc=XXX"
    bindPassword="bindpass"
    authenticationMethod="simple"
    forceBindingLogin="false"
    userBaseDn="ou=usuariosXXX,dc=XXXX,dc=XX"
    userRdnAttribute="uid"
    userIdAttribute="uid"
    userPasswordAttribute="userPassword"
    userObjectClass="posixAccount"
    roleBaseDn="ou=grupos,dc=XXXX,dc=XX"
    roleNameAttribute="cn"
    roleUsernameMemberAttribute="uniqueMember"
    roleMemberAttribute="uniqueMember"
    roleObjectClass="groupOfUniqueNames"
    cacheDurationMillis="300000"
    reportStatistics="true";
};
This is my admin.aclpolicy:
description: Super Admin, all access.
context:
  project: '.*' # all projects
for:
  resource:
    - allow: '*' # allow read/create all kinds
  adhoc:
    - allow: '*' # allow running/killing adhoc jobs
  job:
    - allow: '*' # allow read/write/delete/run/kill of all jobs
  node:
    - allow: '*' # allow read/run for all nodes
by:
  group: [groupcn]
---
In the LDAP log I see only a bind.
I suppose that this is right, because it returns one entry.
Does Rundeck have to search the group?
slapd[28720]: conn=75444 op=0 BIND dn="cn=binduser,dc=XXXX,dc=XX" method=128
slapd[28720]: conn=75444 op=0 BIND dn="cn=binduser,dc=XXXX,dc=XX" mech=SIMPLE ssf=0
slapd[28720]: conn=75444 op=0 RESULT tag=97 err=0 text=
slapd[28720]: conn=75444 op=1 SRCH base="ou=usuariosXXXX,dc=XXXX,dc=XX" scope=2 deref=3 filter="(&(objectClass=posixAccount)(uid=USER))"
slapd[28720]: conn=75444 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
slapd[28720]: conn=75444 op=2 SRCH base="ou=usuariosXXXX,dc=XXXX,dc=XX" scope=2 deref=3 filter="(&(objectClass=posixAccount)(uid=USER))"
conn=75444 op=2 SEARCH RESULT tag=101 err=0 nentries=1 text=
In the Rundeck log I see a stack trace:
java.lang.NumberFormatException: K7
at org.mortbay.util.TypeUtil.parseInt(TypeUtil.java:345)
at org.mortbay.util.TypeUtil.parseBytes(TypeUtil.java:391)
at org.mortbay.jetty.security.Credential$MD5.<init>(Credential.java:117)
at org.mortbay.jetty.security.Credential.getCredential(Credential.java:63)
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.getUserInfo(JettyCachingLdapLoginModule.java:252)
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.login(JettyCachingLdapLoginModule.java:465)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.mortbay.jetty.plus.jaas.JAASUserRealm.authenticate(JAASUserRealm.java:231)
at org.mortbay.jetty.security.FormAuthenticator$FormCredential.authenticate(FormAuthenticator.java:284)
at org.mortbay.jetty.security.FormAuthenticator.authenticate(FormAuthenticator.java:137)
at org.mortbay.jetty.security.SecurityHandler.check(SecurityHandler.java:441)
at org.mortbay.jetty.security.SecurityHandler.checkSecurityConstraints(SecurityHandler.java:269)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:191)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:536)
at org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:930)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:747)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:405)
at org.mortbay.jetty.bio.SocketConnector$Connection.run(SocketConnector.java:228)
at org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
2013-11-13 13:27:53.987::WARN: javax.security.auth.login.LoginException: Error obtaining user info.
2013-11-13 13:27:53.987::WARN: AUTH FAILURE: user USER
Could anyone help me?
Thanks in advance
Alfonso
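
An added diagnostic sketch, not part of the original post and not Rundeck or Jetty code: the trace above fails inside Credential$MD5 while TypeUtil.parseBytes is turning the two-character chunk "K7" into a number. The sketch assumes the directory stores userPassword as {MD5} followed by a base64 digest and that the login module reads the digest as two-character hex pairs; the function names are hypothetical and the sample value is constructed (MD5 of the empty string).

```python
import base64
import binascii
import string

HEX = set(string.hexdigits)

def split_scheme(user_password):
    """Split '{SCHEME}data' into ('SCHEME', 'data'); scheme is None for plain text."""
    if user_password.startswith("{") and "}" in user_password:
        scheme, _, data = user_password[1:].partition("}")
        return scheme.upper(), data
    return None, user_password

def first_non_hex_chunk(digest):
    """Walk the digest two characters at a time; return the first chunk that is not hex."""
    for i in range(0, len(digest), 2):
        chunk = digest[i:i + 2]
        if len(chunk) < 2 or not set(chunk) <= HEX:
            return chunk
    return None

def md5_value_to_hex(user_password):
    """Re-encode an '{MD5}<base64>' value as the 32-character hex digest."""
    scheme, data = split_scheme(user_password)
    if scheme != "MD5":
        raise ValueError("not an {MD5} value: scheme=%r" % scheme)
    try:
        raw = base64.b64decode(data, validate=True)
    except binascii.Error as exc:
        raise ValueError("digest is not base64: %s" % exc)
    if len(raw) != 16:
        raise ValueError("MD5 digest must be 16 bytes, got %d" % len(raw))
    return raw.hex()

# Constructed sample: MD5 of the empty string, never a real credential.
SAMPLE = "{MD5}1B2M2Y8AsgTpgAmY7PhCfg=="

if __name__ == "__main__":
    scheme, data = split_scheme(SAMPLE)
    print("scheme:", scheme)
    print("first chunk that is not hex:", first_non_hex_chunk(data))
    hex_form = md5_value_to_hex(SAMPLE)
    print("same digest as hex:", hex_form)
    print("non-hex chunk in hex form:", first_non_hex_chunk(hex_form))
```

With forceBindingLogin="true" the module binds to the directory as the user who is logging in instead of reading userPassword and comparing it locally, so the stored hash encoding no longer matters and the bind account does not need read access to password hashes.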