Help with LDAP 2.1 configuration
175 views
Skip to first unread message
Bindu Boinapalli
Apr 25, 2017, 4:43:56 PM4/25/17
to SonarQube
Hi,
I got issue while trying to set LDAP configuration in SonarQube, Please can someone help me.
SonarQube version - 5.6
LDAP - 2.1
Installed LDAP plugin in SonarQube
sonar.properties-
sonar.security.savePassword=false
sonar.security.realm=LDAP
ldap.url=ldaps://ed.hpi.net:636
ldap.user.baseDn=o=hp.com
ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail
sonar.log-
2017.04.25 15:32:21 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=o=hp.com, request=(&(objectClass=inetOrgPerson)(uid={0})), realNameAttribute=cn, emailAttribute=mail}
2017.04.25 15:32:21 INFO web[o.s.p.l.LdapSettingsManager] Groups will not be synchronized, because property 'ldap.group.baseDn' is empty.
2017.04.25 15:32:24 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL
2017.04.25 15:32:24 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener
org.sonar.plugins.ldap.LdapException: Unable to open LDAP connection
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:206) ~[na:na]
at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:63) ~[na:na]
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84) ~[sonar-server-5.6.6.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_121]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:320) ~[sonar-core-5.6.6.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-5.6.6.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:655) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.start(Platform.java:216) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:190) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:113) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-5.6.6.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_121]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_121]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_121]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_121]
Caused by: javax.naming.CommunicationException: simple bind failed: ed.hpicorp.net:636
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2788) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_121]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_121]
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_121]
at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_121]
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_121]
at org.sonar.plugins.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:129) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:92) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:202) ~[na:na]
... 33 common frames omitted
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) ~[na:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) ~[na:1.8.0_121]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) ~[na:1.8.0_121]
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) ~[na:1.8.0_121]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514) ~[na:1.8.0_121]
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) ~[na:1.8.0_121]
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026) ~[na:1.8.0_121]
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961) ~[na:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[na:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[na:1.8.0_121]
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) ~[na:1.8.0_121]
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) ~[na:1.8.0_121]
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) ~[na:1.8.0_121]
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) ~[na:1.8.0_121]
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426) ~[na:1.8.0_121]
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359) ~[na:1.8.0_121]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214) ~[na:1.8.0_121]
... 46 common frames omitted
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) ~[na:1.8.0_121]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[na:1.8.0_121]
at sun.security.validator.Validator.validate(Validator.java:260) ~[na:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[na:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[na:1.8.0_121]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496) ~[na:1.8.0_121]
... 59 common frames omitted
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) ~[na:1.8.0_121]
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) ~[na:1.8.0_121]
at sun.security.validator.Validator.validate(Validator.java:260) ~[na:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) ~[na:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) ~[na:1.8.0_121]
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) ~[na:1.8.0_121]
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496) ~[na:1.8.0_121]
... 59 common frames omitted
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) ~[na:1.8.0_121]
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) ~[na:1.8.0_121]
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) ~[na:1.8.0_121]
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) ~[na:1.8.0_121]
... 65 common frames omitted
2017.04.25 15:32:24 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file
2017.04.25 15:32:27 INFO web[o.a.c.u.SessionIdGeneratorBase] Creation of SecureRandom instance for session ID generation using [SHA1PRNG] took [3,563] milliseconds.
2017.04.25 15:32:27 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
2017.04.25 15:32:27 WARN web[o.a.c.l.WebappClassLoaderBase] The web application [ROOT] appears to have started a thread named [Abandoned connection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.lang.Object.wait(Native Method)
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43)
2017.04.25 15:32:27 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"]
2017.04.25 15:32:27 INFO web[o.s.s.a.TomcatAccessLog] Web server is started
2017.04.25 15:32:27 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2017.04.25 15:32:27 WARN web[o.s.p.ProcessEntryPoint] Fail to start web
java.lang.IllegalStateException: Webapp did not start
at org.sonar.server.app.EmbeddedTomcat.isUp(EmbeddedTomcat.java:84) ~[sonar-server-5.6.6.jar:na]
at org.sonar.server.app.WebServer.isUp(WebServer.java:47) [sonar-server-5.6.6.jar:na]
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:105) ~[sonar-process-5.6.6.jar:na]
at org.sonar.server.app.WebServer.main(WebServer.java:68) [sonar-server-5.6.6.jar:na]
2017.04.25 15:32:27 INFO web[o.a.c.h.Http11NioProtocol] Pausing ProtocolHandler ["http-nio-0.0.0.0-9000"]
2017.04.25 15:32:27 INFO web[o.a.c.h.Http11NioProtocol] Stopping ProtocolHandler ["http-nio-0.0.0.0-9000"]
2017.04.25 15:32:27 INFO web[o.a.c.h.Http11NioProtocol] Destroying ProtocolHandler ["http-nio-0.0.0.0-9000"]
2017.04.25 15:32:27 INFO web[o.s.s.a.TomcatAccessLog] Web server is stopped
2017.04.25 15:32:28 INFO app[o.s.p.m.Monitor] Process[es] is stopping
2017.04.25 15:32:28 INFO es[o.s.p.StopWatcher] Stopping process
2017.04.25 15:32:28 INFO es[o.elasticsearch.node] [sonar-1493152322965] stopping ...
2017.04.25 15:32:28 INFO es[o.elasticsearch.node] [sonar-1493152322965] stopped
2017.04.25 15:32:28 INFO es[o.elasticsearch.node] [sonar-1493152322965] closing ...
2017.04.25 15:32:28 INFO es[o.elasticsearch.node] [sonar-1493152322965] closed
2017.04.25 15:32:29 INFO app[o.s.p.m.Monitor] Process[es] is stopped
<-- Wrapper Stopped
Thanks in advance.
Thanks,
Bindu
G. Ann Campbell
Apr 26, 2017, 7:24:27 AM4/26/17
to SonarQube
Hi Bindu,
From your stacktrace:
Caused by: javax.naming.CommunicationException: simple bind failed: ed.hpicorp.net:636
...
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
A little googling tells me this is about importing your server's certificate.
Ann
Bindu Boinapalli
May 3, 2017, 9:45:25 AM5/3/17
to SonarQube
Thanks Ann, after installing certificates it was working fine.
Bindu Boinapalli
May 4, 2017, 10:48:38 PM5/4/17
to SonarQube
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/d6e2becd-8807-4c96-a243-43d75cc534f3%40googlegroups.com.--
You received this message because you are subscribed to a topic in the Google Groups "SonarQube" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/sonarqube/cvlOZ7Pxsdw/unsubscribe.
To unsubscribe from this group and all its topics, send an email to sonarqube+unsubscribe@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages