Authenticate user by LDAP server
Environment: WLS6.0 Netscape Directory Server 4.1
I have successful protect a servlet and authenticate user by "File Realm". But I can't authenticate user by "Security Realm(LDAP). Pls tell me any configure I miss.
======weblogic.xml entites========
<security-rike-assignment>
<role-name>manager</role-name>
<principal-name>joan</principal-name>
<principal-name>awang</principal-name>
</security-role-assignment>
(the user joan has defined in "File Realm", and there is a user in LDAP: uid=awang, ou=IT, dc=CMD)
And why the user "awang" can't access the servlet (the username field enter "awang"; the password filed enter "awang123")
=====config.xml entities=====
<LDAPRealm AuthProtocol="simple" Crdential="awang123" GroupDN="dc=CMD" GroupIsContext="false" LDAPURL="ldap://127.0.0.1:389" Name="defaultLDAPRealmForNetscapeDirectoryServer" Principal="uid=awang, ou=IT, dc=CMD" UserAuthentication="local" UserDN="dc=CMD" UserNameAttribute="uid"
You can use jsp's and servlets.
Have a .jsp (i.e. login.jsp) that has 2 fields username / password and a submit button i.e.
<form method="post" action="/servlet/LoginServlet">
<input type="text" size="15" name="username" value="">
<input type="password" size="15" name="password" value="">
<input type="submit" name="Submit" value="Authenticate">
</form>In your servlet (i.e. LoginServlet) is where you retrieve the username / password by doing something like:
public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String username = request.getParameter("username");
String password = request.getParameter("password");
}You would now do your LDAP authentication. see http://java.sun.com/products/jndi/tutorial/ldap/security/ldap.html
Depending on whether the authentication was successful or not you would redirect the user to an error page or to the next .jsp (i.e changePassword.jsp) where they can change their password.
Similar Messages
-
Fatal error 78: Cannot connect to User Group LDAP Server
After configuring Calendar server when trying to start:
give following error:
# ./start-cal
Restarting calendar services
Stopping all calendar services
Starting all calendar services
# enpd is started
csnotifyd is started
csadmind is started
Fatal error 78: Cannot connect to User Group LDAP Server
cshttpd is not started
Calendar service(s) not started
cshttpd is not started
Calendar service(s) not started
Following logs are from http logs of calendar server
[13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Information: Log created (1095109367)
[13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Notice: Sun Java System Calendar Server 6 2004Q2 (built Apr 28 2004) cshttpd starting up
[13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd attempting to open Counters Database
[13/Sep/2004:22:02:47 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd successfully opened the Counters Database
[13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: HTTP Module is refreshing
[13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd is refreshing
[13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd is refreshed
[13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: HTTP Module has refreshed
[13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd: argc=3 argv[0]=/opt/SUNWics5/cal/lib/cshttpd
[13/Sep/2004:22:02:48 +0100] Vigor11 cshttpd[17916]: General Notice: session_init: attempting to open session database for cshttpd
[13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Notice: session_init: session database open completed for cshttpd
[13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: Store Critical: Error checking session database: DB->set_alloc: method not permitted in shared environment
[13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Notice: LdapCacheInit: Ldap Cache not enabled.
[13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Notice: cshttpd_parse_commandline: successfully bind process 17916 to processor 0
[13/Sep/2004:22:02:49 +0100] Vigor11 cshttpd[17916]: General Critical: Fatal error 78: Cannot connect to User Group LDAP Server
Have any body seen this before.
RegardsThe server was running fine for few months until i restarted the calendar server. i started to see the same error and the problem was the machine name got changed at some point.
I added the old hostname to the /etc/hosts file and restarted the calender server and it started to work fine. -
Can't start server -- Fatal error: Cannot connect to user group ldap server
After installing iCS 2.1, iCS 2.1p1, and iCS 2.1p3, a user will receive the
following error message when trying to start the server:
<P>
Fatal error: Cannot connect to user group ldap server.
<P>
In addition, the Directory Server access logs will contain the following
entry:
<P>
-0400] conn=125 op=1 SRCH base="dc=ldgw-llc,dc=com" scope=2
filter="(objectclass=People)"
In the server.conf file,
check the local.enduseradmindn
parameter. The parameter
should appear as follows:
<P>
uid=admin,ou=Administrators,ou=TopologyManagement,o=NetscapeRoot
<P>
If the parameter contains
"calmaster" or any user
other than "admin,"
change it to match the line above.Hi,
I am getting the same error, kindly let me know how did you solved this problem
Thanks
Ahmad -
Hi,
I am doing a connection to a LDAP server from Java code. Everything was fine for several days. But today I noticed that I don't execute an unbind operation and decided to put the necessary code. So I used InitialContext.unbind(). The result was that on the first execution of my program everything was OK. But on the second execution I was not able to bind to the server at all with the constructor of InitialLdapContext class even after restarting the machine from which I execute the Java code and the machine with the server. So it went that the admin user I was using for bind and unbind credentials was deleted. I am sure that the unbind() method is causing the problem because I actually broke the two LDAPs that I have (testing referrals...).
Now I use close() method instead of the unbind() method and everything is OK but I wonder how is this possible and why is it not documented?I can't imagine documenting something like "This method will delete the admin user from your server". If that's the case then it's a bug, not something to be documented. Report it to whoever wrote your Java implementation. If that's Sun, then here:
http://bugs.sun.com/bugdatabase/login.do
You might also want to look into your LDAP server and see if it's a known bug there. -
Failed to authenticate user to ACS 5.1 with LDAP as external identity storage
Hi , I have an ACS and Open-LDAP server running on my company network.
Now, I 'm setting up a new linksys WAP-54G and choose WPA2-Enterprise option with ACS as the radius server.
first thing first, I created new internal user on ACS, and trying to join the wireless network from my computer. I made it....
then, I'm moving on external entity (LDAP Server). I've set up the LDAP configuration and identity sequence, also select it on access service. but when I tried to authenticate from my computer, an error was occurred. I received :
the following error 22056 Subject not found in the applicable identity store (s)
Wonder 'bout this thing, I set up a cisco 1841 router to become AAA client. and surprisingly... it works !!!
so, is there any problem to authenticate from windows platform to ACS (pointing to LDAP) ?
any suggestion ?
thanksThis is the log when using windows 7 as authentication client (Failed) :
Steps
11001 Received RADIUS Access-Request
11017 RADIUS created a new session
Evaluating Service Selection Policy
15004 Matched rule
15012 Selected Access Service - Default Network Access
11507 Extracted EAP-Response/Identity
12500 Prepared EAP-Request proposing EAP-TLS with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12301 Extracted EAP-Response/NAK requesting to use PEAP instead
12300 Prepared EAP-Request proposing PEAP with challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12302 Extracted EAP-Response containing PEAP challenge-response and accepting PEAP as negotiated
12318 Successfully negotiated PEAP version 0
12800 Extracted first TLS record; TLS handshake started.
12805 Extracted TLS ClientHello message.
12806 Prepared TLS ServerHello message.
12807 Prepared TLS Certificate message.
12810 Prepared TLS ServerDone message.
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12318 Successfully negotiated PEAP version 0
12812 Extracted TLS ClientKeyExchange message.
12804 Extracted TLS Finished message.
12801 Prepared TLS ChangeCipherSpec message.
12802 Prepared TLS Finished message.
12816 TLS handshake succeeded.
12310 PEAP full handshake finished successfully
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12313 PEAP inner method started
11521 Prepared EAP-Request/Identity for inner EAP method
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11522 Extracted EAP-Response/Identity for inner EAP method
11806 Prepared EAP-Request for inner method proposing EAP-MSCHAP with challenge
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
11808 Extracted EAP-Response containing EAP-MSCHAP challenge-response for inner method and accepting EAP-MSCHAP as negotiated
Evaluating Identity Policy
15006 Matched Default Rule
15013 Selected Identity Store -
22043 Current Identity Store does not support the authentication method; Skipping it.
24210 Looking up User in Internal Users IDStore - xxxxx
24216 The user is not found in the internal users identity store.
22016 Identity sequence completed iterating the IDStores
22056 Subject not found in the applicable identity store(s).
22058 The advanced option that is configured for an unknown user is used.
22061 The 'Reject' advanced option is configured in case of a failed authentication request.
11815 Inner EAP-MSCHAP authentication failed
11520 Prepared EAP-Failure for inner EAP method
22028 Authentication failed and the advanced options are ignored.
12305 Prepared EAP-Request with another PEAP challenge
11006 Returned RADIUS Access-Challenge
11001 Received RADIUS Access-Request
11018 RADIUS is re-using an existing session
12304 Extracted EAP-Response containing PEAP challenge-response
12307 PEAP authentication failed
11504 Prepared EAP-Failure
11003 Returned RADIUS Access-Reject
This is the log when using 1841 router as authentication client (succeded) :
Steps
11001 Received RADIUS Access-Request
11017 RADIUS created a new session
11049 Settings of RADIUS default network will be used
Evaluating Service Selection Policy
15004 Matched rule
15012 Selected Access Service - Default Network Access
Evaluating Identity Policy
15006 Matched Default Rule
15013 Selected Identity Store - LDAPyyyy
24031 Sending request to primary LDAP server
24015 Authenticating user against LDAP Server
24022 User authentication succeeded
22037 Authentication Passed
22023 Proceed to attribute retrieval
22038 Skipping the next IDStore for attribute retrieval because it is the one we authenticated against
24210 Looking up User in Internal Users IDStore - xxxxx
24216 The user is not found in the internal users identity store.
22016 Identity sequence completed iterating the IDStores
Evaluating Group Mapping Policy
Evaluating Exception Authorization Policy
15042 No rule was matched
Evaluating Authorization Policy
15006 Matched Default Rule
15016 Selected Authorization Profile - Permit Access
11002 Returned RADIUS Access-Accept
I realized that Windows is using PEAP-MSCHAPv2 while Router is using PAP-ASCII as it's protocol.
so now, why PEAP-MSCHAPv2 can't authenticate to LDAP ?
is there anything I can do to make it work ? -
ASA Remote Access Authentication with LDAP Server
Thank you in advance for your help.
I am configuring an ASA to authenticate with a ldap server for ipsec vpn access. My customer has 3 networks that are to be accessed by remote users. However they want to be able to say that one user can get to 2 of the networks and not the 3rd. So basically they want control over what network behind the firewall each user can access. This seems doable from my reading and I had planned to creating a group for each network that needs accessible and either do attribute maps to each group with a separate group created on the ldap server for authentication. Basically a ldap group on the ldap server that will have the users name in the group in order for access. I can restrict access via acl's or filtering to force my group to only be allowed access to a specific network. Here is the problem I am having now.
The ldap server has been created and seems to be working fine. I have created my AAA groups and servers and I have done the ldap test with a test user vpntest and a password on the ldap server. When I run the authentication test from the ADSM or command line I get a good authentication successful message. So I configured a vpn client remotely and attempted to authenticate to this group and it says there is no user by that name. Below is a paste of the debug. The second part is when I did a successful test from the ASDM or CLI and it worked great. The first part is when I attempted from the vpn client. It all looks the same from the search criteria. What am I missing here or does anyone more knowledgeable see anything that I am doing wrong. Can this be done this way or should I try radius. The customer was just adament about using ldap.
extvpnasa5510#
[243] Session Start
[243] New request Session, context 0xd5713fe0, reqType = 1
[243] Fiber started
[243] Creating LDAP context with uri=ldaps://130.18.22.44:636
[243] Connect to LDAP server: ldaps://130.18.22.44:636, status = Successful
[243] supportedLDAPVersion: value = 2
[243] supportedLDAPVersion: value = 3
[243] No Login DN configured for server 130.18.22.44
[243] Binding as administrator
[243] Performing Simple authentication for to 130.18.22.44
[243] LDAP Search:
Base DN = [ou=employees,o=msues]
Filter = [uid=vpntest]
Scope = [SUBTREE]
[243] User DN = [uid=vpntest,ou=employees,o=msues]
[243] Talking to iPlanet server 130.18.22.44
[243] No results returned for iPlanet global password policy
[243] Fiber exit Tx=386 bytes Rx=414 bytes, status=-1
[243] Session End
extvpnasa5510#
[244] Session Start
[244] New request Session, context 0xd5713fe0, reqType = 1
[244] Fiber started
[244] Creating LDAP context with uri=ldaps://130.18.22.44:636
[244] Connect to LDAP server: ldaps://130.18.22.44:636, status = Successful
[244] supportedLDAPVersion: value = 2
[244] supportedLDAPVersion: value = 3
[244] No Login DN configured for server 130.18.22.44
[244] Binding as administrator
[244] Performing Simple authentication for to 130.18.22.44
[244] LDAP Search:
Base DN = [ou=employees,o=msues]
Filter = [uid=vpntest]
Scope = [SUBTREE]
[244] User DN = [uid=vpntest,ou=employees,o=msues]
[244] Talking to iPlanet server 130.18.22.44
[244] Binding as user
[244] Performing Simple authentication for vpntest to 130.18.22.44
[244] Processing LDAP response for user vpntest
[244] Authentication successful for vpntest to 130.18.22.44
[244] Retrieved User Attributes:
[244] sn: value = test user
[244] givenName: value = vpn
[244] uid: value = vpntest
[244] cn: value = vpn test user
[244] objectClass: value = top
[244] objectClass: value = person
[244] objectClass: value = organizationalPerson
[244] objectClass: value = inetOrgPerson
[244] Fiber exit Tx=284 bytes Rx=414 bytes, status=1
[244] Session EndHi Larry,
You can map AD group memberships to specific group policies on the ASA, you can find that configuration here:
- http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91831-mappingsvctovpn.html
Let me know if further assistance is required!
Please proceed to rate and mark as correct the helpful Post!
David Castro,
Regards, -
How can i get all the users from weblogic server?
how can i get all the users from weblogic server?
i have configurated a LDAP server using iPlanet and
in weblogic server console i see those users from LDAP
server. but how can i get all the users in my program
from weblogic server instead of LDAP server?
BTW,how to configure a RDBMSAuthenticator and what should i do
in Oracle? which tables should i create? and how are their architectures?
Thanks
DanielBTW, i use weblogic platform 8.1
"Daniel" <[email protected]> дÈëÓʼþ
news:[email protected]..
how can i get all the users from weblogic server?
i have configurated a LDAP server using iPlanet and
in weblogic server console i see those users from LDAP
server. but how can i get all the users in my program
from weblogic server instead of LDAP server?
BTW,how to configure a RDBMSAuthenticator and what should i do
in Oracle? which tables should i create? and how are their architectures?
Thanks
Daniel -
Authenticate Users Using an LDAP Server
Hi,
I did implement 'Authenticate Users Using an LDAP Server' according the link blow below.
[http://www.oracle.com/technology/products/database/application_express/howtos/how_to_ldap_authenticate.html]
It works OK to specific DN String, example 'cn=%LDAP_USER%,OU=Menahel,OU=Cmp,DC=ho,DC=discount'.
We have a lot of domain rules, mean the users not located at the same DN.
Is it possibale to use general DN string (base root) like 'cn=%LDAP_USER%,*,*,DC=ho,DC=discount?
Thanks in advance,
ShayAugusto, one thing to check (since it caught me out) is that your LDAP entries conform to the right format, namely
"cn=Bob" etc
When I was integrating HTMLDB LDAP against a Sun One Directory Server, it had me scratching my head for ages, until I realised that the LDAP entries had been created in the format of -
"uid=bob" rather than "cn=bob"
This might not be your problem, but it's worth checking anyway ;) -
Install Sun ONE Directory Server 5,2 & how to use it for authenticate user
Good afternoon, Excuse, are newbie in the scope I am learning and putting desire to him, this in my situation I am trying to install Sun ONE Directory Server 5,2 since I understand that this it is application LDAP for Solaris, ok I want to install it to authenticate user against the system, that is to say, to be able to acces the server entering with a created user from the data base of LDAP and make think user that his created in the system. But the documentation that I finds indicates the installation of Sun ONE Directory Server 5,2 but it not clearly about how to use it for authentication. Some one have any manual step by step of Sun ONE Directory Server 5,2 installation and how to make it for authentication systems users.
I read the forum seeking for anwser and i get confuse
Thanks for the help and sorry for any inconvenient
Message was edited by:
Aku_28
Message was edited by:
Aku_28I think that I found the Sun endorsed book locations for using LDAP accounts that don't use authentication besides "crypt". I now can use an account with a "ssha" password. It can be more than 8 characters long.
Chapter 14 System Administration Guide: Naming and Directory Services
Read page 201 which is the pam.conf file pam_ldap setups. I edited my "/etc/pam.conf" file to reflect this
Chapter 7 Directory Server 5.2 2005Q4 - Administration Guide
Read page 316-318 which has a graphical technique to specify password syntax. I set it up and then tried the password by running "su - brahms". It now requires a longer password than 8 characters and it is set up to use "ssha" for that UID entry "brahms". -
How to enable security with users from an LDAP server
Hello all
My company is using a 10.1.3 Oracle LDAP server and I would like to authenticate users of my application against it.
Can anyone point to the correct documentation?
Thanks in advance
ThanassisThanks for your reply
I 've gone through "Introduction to ADF Security in JDeveloper 10.1.3.2" and also Chapter 30 of "Application Development Framework Developer's Guide For Forms/4GL Developers"
There still one thing I cannot understand : Where do I define the mapping between LDAP users and security roles?
THanassis -
Authenticate partial SSO users using LDAP
Hi all,
Is it possible to authenticate a group of the Portal users using an LDAP server, i.e. not to authenticate all the users using the LDAP server. I want to do this because we have a large number of customers (over 100,000) which are already defined in the LDAP server and I donot want to re-create them into the Portal login server, also I have many Portal users defined normally using the Portal "Add User". And if there is no such option, then is it smooth to move from database authentication to the LDAP server authentication (reference for the steps is appreciated)? We are using iPlanet LDAP server which is LDAP v3 compliant.
Best to allOf course, Single Sign-On implies that you are using a portal, or a cunningly-configured BSP. NTLM is only an option if using a Windows-based IIS as a proxy to your Unix box. Otherwise, you need to use the SPNEGO login module, which is not on general release (it is available on a consulting basis only - see Michael Sambeth at SAP).
Until SAP use UME within the ABAP core, I don't see an elegant solution to this.
- Darren -
Deploy authenticate VPN using LDAP AD (with user group)
Hi,
I'm stucking in configuration of LDAP Server with authenticate for VPN user using group in Windows Domain. I would like to create a group like "vpn-group" in Domain. If someone want to vpn, I just have to add that user in the group "vpn-group" then I can connect to the company.
Here is my configuration
aaa new-model
aaa authentication login userauthen local group ldap
aaa authorization network groupauthor local
ldap attribute-map map1
map type sAMAccountName username
ldap server server1
ipv4 192.168.0.5
attribute map map1
bind authenticate root-dn cn=administrator,cn=users,dc=test,dc=local password 7 0235114B0E144E621518
base-dn cn=vpn-group,cn=users,dc=test,dc=local
Please advice me.I got it working by including the AD security group in the search-filter
search-filter user-object-type User)(memberOf=CN=vpn-group,OU=Security groups,OU=company,DC=test,DC=local -
Getting HTTP 500 Error When Trying To Authenticate Against LDAP Server (Active Directory)
Hello,
I am currently facing an issue when I try and use LDAP authentication in my Apex application as I am getting a HTTP 500 Internal Server Error message. For my authentication scheme I have used the pre-configured option of how to connect to an LDAP server and in my development environment this seems to be working fine but now I have deployed my application to our staging environment and I am getting the error. If I switch to the Application Express Authentication scheme then I don't get the error.
I've had a look at the log file on the server and I see I am getting this error:
[#|2015-03-31T16:19:11.254+0100|SEVERE|glassfish3.1.2|null|_ThreadID=21;_ThreadName=Thread-2;|JDBCException [kind=UNAVAILABLE]
at oracle.dbtools.common.jdbc.JDBCException.wrap(JDBCException.java:99)
at oracle.dbtools.common.config.db.DatabaseConfig.getConnection(DatabaseConfig.java:81)
at oracle.dbtools.common.jdbc.ora.OraPrincipal.connection(OraPrincipal.java:69)
at oracle.dbtools.apex.ModApexContext.getConnection(ModApexContext.java:372)
at oracle.dbtools.apex.OWA.getStatement(OWA.java:536)
at oracle.dbtools.apex.OWA.init(OWA.java:308)
at oracle.dbtools.apex.ModApex.doPost(ModApex.java:138)
at oracle.dbtools.apex.ModApex.service(ModApex.java:303)
at oracle.dbtools.rt.web.HttpEndpointBase.modApex(HttpEndpointBase.java:347)
at oracle.dbtools.rt.web.HttpEndpointBase.service(HttpEndpointBase.java:130)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:662)
Caused by: java.sql.SQLException: Exception occurred while getting connection: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
at oracle.ucp.util.UCPErrorHandler.newSQLException(UCPErrorHandler.java:488)
at oracle.ucp.util.UCPErrorHandler.throwSQLException(UCPErrorHandler.java:163)
at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:928)
at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:863)
at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:855)
at oracle.dbtools.common.config.db.DatabaseConfig.getConnection(DatabaseConfig.java:71)
... 33 more
Caused by: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
at oracle.ucp.util.UCPErrorHandler.newUniversalConnectionPoolException(UCPErrorHandler.java:368)
at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:49)
at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:80)
at oracle.ucp.util.UCPErrorHandler.throwUniversalConnectionPoolException(UCPErrorHandler.java:131)
at oracle.ucp.common.UniversalConnectionPoolImpl.borrowConnectionWithoutCountingRequests(UniversalConnectionPoolImpl.java:279)
at oracle.ucp.common.UniversalConnectionPoolImpl.borrowConnection(UniversalConnectionPoolImpl.java:142)
at oracle.ucp.jdbc.JDBCConnectionPool.borrowConnection(JDBCConnectionPool.java:157)
at oracle.ucp.jdbc.PoolDataSourceImpl.getConnection(PoolDataSourceImpl.java:916)
... 36 more
So it seems that every time I try and use LDAP I hit this error. Also after awhile I have to re-start the Apex Listener for that domain. I have came across this thread: LDAP Authentication Question but I am not sure if the user got the problem solved or not.
Our infrastructure is as follows:
Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit
Apex Listener: 2.0.3.221.10.13
GlassFish Server Open Source Edition 3.1.2.2 (build 5)
If anybody has any idea what is causing this that would be great.
Cheers,
Paul.Hi Colm,
Thanks for getting back to me on this. I have downloaded and created a new ORDS server with 2.0.10 and while I don't get the error:
Exception occurred while getting connection: oracle.ucp.UniversalConnectionPoolException: All connections in the Universal Connection Pool are in use
I am now getting the following (I have turned on the logging)
No more data to read from socket java.sql.SQLRecoverableException: No more data to read from socket
at oracle.jdbc.driver.T4CMAREngine.unmarshalUB1(T4CMAREngine.java:1157) at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:345)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:223) at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:531)
at oracle.jdbc.driver.T4CCallableStatement.doOall8(T4CCallableStatement.java:205)
at oracle.jdbc.driver.T4CCallableStatement.executeForRows(T4CCallableStatement.java:1043)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1336)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3612)
at oracle.jdbc.driver.OraclePreparedStatement.execute(OraclePreparedStatement.java:3713)
at oracle.jdbc.driver.OracleCallableStatement.execute(OracleCallableStatement.java:4755)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.execute(OraclePreparedStatementWrapper.java:1378)
at sun.reflect.GeneratedMethodAccessor1991.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.ucp.jdbc.proxy.StatementProxyFactory.invoke(StatementProxyFactory.java:230)
at oracle.ucp.jdbc.proxy.PreparedStatementProxyFactory.invoke(PreparedStatementProxyFactory.java:124)
at oracle.ucp.jdbc.proxy.CallableStatementProxyFactory.invoke(CallableStatementProxyFactory.java:101)
at $Proxy432.execute(Unknown Source) at oracle.dbtools.apex.OWA.execute(OWA.java:145)
at oracle.dbtools.apex.ModApex.handleRequest(ModApex.java:201)
at oracle.dbtools.apex.ModApex.doPost(ModApex.java:152)
at oracle.dbtools.apex.ModApex.service(ModApex.java:303)
at oracle.dbtools.rt.web.HttpEndpointBase.modApex(HttpEndpointBase.java:350)
at oracle.dbtools.rt.web.HttpEndpointBase.service(HttpEndpointBase.java:132)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:662)
I cant see anything glaring that is causing this. I have also increased the Minimum Connections to 30 and Maximum Connections to 100 with the administration part of Configuring ORDS via SQL Developer and it still has no desired effect.
The application works fine in our Development and Testing Environment but since I have ported it over to our production instance I am unable to log into it using my Active Directory credentials.
Cheers,
Paul. -
How to use company users on existing ldap server as EP6.0 sp2 Users?
Hi everybody
Our company user data is on a LDAP server we want to connect our EP6 UME to this existing LDAP server so that existing company users can access the Portal with their company id and password. What configuration we should do on the portal ?
thanks and regards
RajendraHi!
Look at Admin Guide:
Administration Guide->Portal Platform->System Administration->User Management Configuration->Configuration of Data Sources Used for User Management->Defining an LDAP Directory as a Data Source
WBR, Lnk -
after upgraded to windows 2008 server, our mac os x wiki server can't authenticate user password anymore. How can I re-bind the wiki server to the AD again? thanks in advance.
Solved it by deleting the user and creating a new one with the same userID.
Maybe it occured because I marked the "user has to change password after first login" box when resetting the password but didn't yet allow him to do so in the webpages menu?!?
Maybe you are looking for
-
How can I mark an appointment as ""private" on my calendar?
Is it possible to mark appointments as private on my iPhone and iPad as I can on my PC? If so, how? This is a critical feature for most business people, and needs to be added if has not already. This is a simple feature that is very important to most
-
Special characters added in offline approval email
Hi all, We are on SRM 5.0 SP13 ,ECS We are facing an issue with the outbound emails sent out from SRM system for offline approval for both shopping carts and PO. In the main body of the email,some some special characters like ^A are being added at t
-
Everything that has to do with burning a CD/DVD unexpectedly quits!!!!
When I am in 10.4.5 (or when I had 10.4.4) I cannot burn with Toast, iTunes, iDVD, etc. However, I have an Ext. HD with 10.4.2 and don't have any problem burning CDs/DVDs at all. I recently upgraded my CDR/DVD-ROM with a Superdrive from OWC (MATSHITA
-
When i go to my photos and am viewing a picture it will not let me set it as my background or anything else dealing with the button in the top right corner between trash and slideshow. When i click onit it turns gray and my photo app freezes. Help Al
-
Function module to execute the program in the background.
Hi Experts, I have two reports i am calling report2 from report1. Here the problem is i wanted to pass the input parameters using the "submit" statement and i wanted only one field value from the report2... whcih is used in report1 and i dont wa