Highlighted
New Member.
345 views

LDAP authentication not working after upgrade to 10.2

Jump to solution

I just did an upgrade to 10.2 and I cannot get LDAP authentication to work properly.  I can see the groups I defined and the users in those groups, but when I attempt to login it does not allow access to the tool.  I turned on debugging and am seeing this in the bsf_security.log:

 

2015-04-06 15:58:06,788  DEBUG  [qtp444574957-306] - <<< Entering findUser with the following parameters: uid = it547, userAttributeNames = [Ljava.lang.String;@6f305164
2015-04-06 15:58:06,788  DEBUG  [qtp444574957-306] - <<< Entering createConnectionAndConnect with the following parameters: com.hp.sw.bto.ast.security.uum.UserManagementLDAPConfiguration@4d2fb543
2015-04-06 15:58:06,788  DEBUG  [qtp444574957-306] - >>> Exiting createConnectionAndConnect with the connection
2015-04-06 15:58:06,788  DEBUG  [qtp444574957-306] - Calling LDAP search with the following parameters: base = DC=mmacct,DC=root,DC=mds, scope2, filter = (&(objectclass=user)(&(objectClass = user)(sAMAccountName = it547))), searchAttributes = [givenname, sn, mail, entrydn, sAMAccountName, cn, objectclass], attrsOnly = false
2015-04-06 15:58:06,788  DEBUG  [qtp444574957-306] - Received the LDAP result set of the size = 1
2015-04-06 15:58:06,788  DEBUG  [qtp444574957-306] - LDAP entry from result set (will be ignored if not of user type): LDAPEntry: CN=Adam C. Cole,OU=InfoServ,OU=CorporateUGW,DC=mmacct,DC=root,DC=mds; LDAPAttributeSet: LDAPAttribute {type='objectClass', values='top,person,organizationalPerson,user'} LDAPAttribute {type='cn', values='Adam C. Cole'} LDAPAttribute {type='sn', values='Cole'} LDAPAttribute {type='givenName', values='Adam'} LDAPAttribute {type='sAMAccountName', values='IT547'} LDAPAttribute {type='mail', values='adam.cole@securian.com'}
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - >>> Exiting findUser with the following result: [ IT547, Adam C. Cole, {mail=[adam.cole@securian.com], sn=[Cole], givenname=[Adam]} ]
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - can not getCookieValue, cookie is null
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - LWSSO cookie or query parameter does not exist in the request, therefore skipping the validation. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/login_page.jsp]; Request Method [GET]; RequestQuery is [null]; ].
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - validate() - end. Ret [false]. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/login_page.jsp]; Request Method [GET]; RequestQuery is [null]; ].
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - ValidationPointSecurityContext(ValidationPointContextConfig, LWSSOContextConfig, HttpServletRequest) - start
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - getAuthNRequestURL() - start
2015-04-06 15:58:06,803  WARN   [qtp444574957-306] - ValidationPoint can not redirect, since authenicationPointServer [] or authenicationPointURL [secure/authenicationPointURL.jsp] is null. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/login_page.jsp]; Request Method [GET]; RequestQuery is [null]; ].
2015-04-06 15:58:06,803  DEBUG  [qtp444574957-306] - getAuthNRequestURL() - end.  Ret is [null].
2015-04-06 16:01:51,886  DEBUG  [qtp444574957-336] - can not getCookieValue, cookie is null
2015-04-06 16:01:51,886  DEBUG  [qtp444574957-336] - LWSSO cookie or query parameter does not exist in the request, therefore skipping the validation. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/cms/loginRequest.do;]; Request Method [POST]; RequestQuery is [null]; Params: Name [originalParameters]; Value []; Name [isEncoded]; Value [false]; Name [forwardURL]; Value [/applet/applet.jsp]; Name [userName]; Value [admin]; Name [customerID]; Value [1]; Name [password]; Value [PROTECTED]; ].
2015-04-06 16:01:51,886  DEBUG  [qtp444574957-336] - validate() - end. Ret [false]. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/cms/loginRequest.do;]; Request Method [POST]; RequestQuery is [null]; Params: Name [originalParameters]; Value []; Name [isEncoded]; Value [false]; Name [forwardURL]; Value [/applet/applet.jsp]; Name [userName]; Value [admin]; Name [customerID]; Value [1]; Name [password]; Value [PROTECTED]; ].

 

I'm seeing this in the error.log:

2015-04-06 15:58:06,803  WARN   [qtp444574957-306] (ValidationPointSecurityContext.java:111) - ValidationPoint can not redirect, since authenicationPointServer [] or authenicationPointURL [secure/authenicationPointURL.jsp] is null. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/login_page.jsp]; Request Method [GET]; RequestQuery is [null]; ].
2015-04-06 16:00:00,008  WARN   [QuartzScheduler_QuartzSchedulerThread] (PropertySettingJobFactory.java:223) - No setter on Job class appilog.server.newscheduler.schedulerjobrunner.JobsRunner for property 'scheduler_schedulable_datamap'
2015-04-06 16:00:00,008  WARN   [QuartzScheduler_QuartzSchedulerThread] (PropertySettingJobFactory.java:223) - No setter on Job class appilog.server.newscheduler.schedulerjobrunner.JobsRunner for property 'scheduler_context_datamap'
2015-04-06 16:01:53,042  ERROR  [qtp444574957-336] (CmdbConnectorImpl.java:167) - User name or password are wrong - failed to login on UCMDB
2015-04-06 16:01:53,042  WARN   [qtp444574957-336] (ValidationPointSecurityContext.java:111) - ValidationPoint can not redirect, since authenicationPointServer [] or authenicationPointURL [secure/authenicationPointURL.jsp] is null. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/login_page.jsp]; Request Method [GET]; RequestQuery is [null]; ].
2015-04-06 16:02:36,152  WARN   [qtp444574957-336] (ValidationPointSecurityContext.java:111) - ValidationPoint can not redirect, since authenicationPointServer [] or authenicationPointURL [secure/authenicationPointURL.jsp] is null. RequestInfo is [RequestURL is [http://localhost:8080/ucmdb-ui/applet/applet.jsp]; Request Method [GET]; RequestQuery is [null]; ].

 

Any thoughts?  LDAP was working fine before the upgrade.

 

0 Likes
1 Solution

Accepted Solutions
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: LDAP authentication not working after upgrade to 10.2

Jump to solution

Hi There,

 

Could you apply CUP1 for 10.20? this has fix for ldap issue.

 

Thanks,

 

Yilmaz

View solution in original post

0 Likes
1 Reply
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: LDAP authentication not working after upgrade to 10.2

Jump to solution

Hi There,

 

Could you apply CUP1 for 10.20? this has fix for ldap issue.

 

Thanks,

 

Yilmaz

View solution in original post

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.