Sonarqube LDAP:错误代码 1 和 49
Sonarqube LDAP: error code 1 and 49
我在尝试通过 sonarqube 连接到 LDAP 时遇到这些错误:
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] Requesting details for user sonartester
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=cn=Users,dc=mydomain,dc=com, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[sonartester], attributes=[mail, cn]}
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow}
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]
....
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in
2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication
org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in
2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication
org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in
我创建了在用户 OU 中找到的用户 SONARTEST 和 my-group 的成员。
该组也可以在用户 OU 中找到。
这是我的配置:
sonar.security.realm=LDAP
sonar.authenticator.createUsers=true
ldap.url=ldap://myip:389
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
ldap.authentication=simple
ldap.realm=mydomain.com
ldap.user.baseDn=cn=Users,dc=mydomain,dc=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.group.baseDn=ou=Users,dc=mydomain,dc=com
ldap.group.request=(&(objectClass=my-group)(member={dn}))
ldap.group.idAttribute=sAMAccountName
用于绑定的用户拥有所有必要的权限,并且也可以在用户 OU 中找到。我使用同一个用户连接到 confluence 上的 ldap,一切正常。
如果有人能帮助我,那就太好了。
塔克斯
感谢尼古拉斯的回复
删除点会在重新启动无法启动的服务时产生另一个错误。
2016.09.13 15:46:00 INFO web[org.sonar.INFO] Security realm: LDAP
2016.09.13 15:46:00 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=Users,dc=mydomain,dc=com, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2016.09.13 15:46:01 INFO web[o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=Users,dc=mydomain,dc=com, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=mygroup)(member={0}))}
2016.09.13 15:46:01 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=someusername,ou=Users,o=mydomain, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow}
2016.09.13 15:46:02 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL
2016.09.13 15:46:02 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener
java.lang.IllegalStateException: Unable to open LDAP connection
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:146) ~[na:na]
at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:64) ~[na:na]
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84) ~[sonar-server-6.0.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_91]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_91]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_91]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.start(ComponentContainer.java:320) ~[sonar-core-6.0.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:687) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.start(Platform.java:216) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:190) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:113) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-6.0.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91]
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_91]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_91]
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_91]
at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_91]
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_91]
at org.sonar.plugins.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:95) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:83) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:142) ~[na:na]
... 33 common frames omitted
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
2016.09.13 15:46:02 WARN web[o.a.c.l.WebappClassLoaderBase] The web application [ROOT] appears to have started a thread named [Abandoned connection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.lang.Object.wait(Native Method)
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43)
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:02 INFO web[o.s.s.a.TomcatAccessLog] Web server is started
2016.09.13 15:46:02 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2016.09.13 15:46:02 WARN web[o.s.p.ProcessEntryPoint] Fail to start web
java.lang.IllegalStateException: Webapp did not start
at org.sonar.server.app.EmbeddedTomcat.isUp(EmbeddedTomcat.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.app.WebServer.isUp(WebServer.java:47) [sonar-server-6.0.jar:na]
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:105) ~[sonar-process-6.0.jar:na]
at org.sonar.server.app.WebServer.main(WebServer.java:68) [sonar-server-6.0.jar:na]
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Pausing ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Stopping ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Destroying ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.s.s.a.TomcatAccessLog] Web server is stopped
2016.09.13 15:46:03 INFO app[o.s.p.m.Monitor] Process[es] is stopping
2016.09.13 15:46:04 INFO es[o.s.p.StopWatcher] Stopping process
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopping ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopped
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closing ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closed
2016.09.13 15:46:04 INFO app[o.s.p.m.Monitor] Process[es] is stopped
<-- Wrapper Stopped
telnet 到 IP 和端口 389 有效
我创建了一个密码更简单的新用户(无特殊字符)
错误更改为以下内容:
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
第一期
这是您错误中的真正问题:
In order to perform this operation a successful bind must be completed on the connection
根据 LDAP Plugin documentation,这些是您应该为 SonarQube 配置以绑定到您的服务器的属性:ldap.bindDn 和 ldap.bindPassword .
但是,看看你的配置:
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
看到那些尾随的点了吗?删除它们应该会让 bind 操作更好地工作。
第二期
您的 Active Directory 返回详细错误:
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
error code 49 (data 52e) 是有趣的部分。对 LDAP 错误代码进行一些谷歌搜索可以为您带来 here 例如:
49 - LDAP_INVALID_CREDENTIALS - Indicates that during a bind operation one of the following occurred: The client passed either an incorrect DN or password, or the password is incorrect because it has expired, intruder detection has locked the account, or another similar reason. See the data code for more information.
底线:修复凭据。
更改了部分
ldap.bindDn =cn=someusername,ou=Users,o=mydomain
至
ldap.bindDn =someusername@mydomain.com
成功了
我在尝试通过 sonarqube 连接到 LDAP 时遇到这些错误:
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] Requesting details for user sonartester 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=cn=Users,dc=mydomain,dc=com, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[sonartester], attributes=[mail, cn]} 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow} 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580] javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]
....
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in 2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in 2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in
我创建了在用户 OU 中找到的用户 SONARTEST 和 my-group 的成员。 该组也可以在用户 OU 中找到。 这是我的配置:
sonar.security.realm=LDAP
sonar.authenticator.createUsers=true
ldap.url=ldap://myip:389
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
ldap.authentication=simple
ldap.realm=mydomain.com
ldap.user.baseDn=cn=Users,dc=mydomain,dc=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.group.baseDn=ou=Users,dc=mydomain,dc=com
ldap.group.request=(&(objectClass=my-group)(member={dn}))
ldap.group.idAttribute=sAMAccountName
用于绑定的用户拥有所有必要的权限,并且也可以在用户 OU 中找到。我使用同一个用户连接到 confluence 上的 ldap,一切正常。 如果有人能帮助我,那就太好了。 塔克斯
感谢尼古拉斯的回复
删除点会在重新启动无法启动的服务时产生另一个错误。
2016.09.13 15:46:00 INFO web[org.sonar.INFO] Security realm: LDAP
2016.09.13 15:46:00 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=Users,dc=mydomain,dc=com, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2016.09.13 15:46:01 INFO web[o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=Users,dc=mydomain,dc=com, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=mygroup)(member={0}))}
2016.09.13 15:46:01 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=someusername,ou=Users,o=mydomain, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow}
2016.09.13 15:46:02 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL
2016.09.13 15:46:02 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener
java.lang.IllegalStateException: Unable to open LDAP connection
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:146) ~[na:na]
at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:64) ~[na:na]
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84) ~[sonar-server-6.0.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_91]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_91]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_91]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.start(ComponentContainer.java:320) ~[sonar-core-6.0.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:687) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.start(Platform.java:216) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:190) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:113) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-6.0.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91]
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_91]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_91]
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_91]
at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_91]
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_91]
at org.sonar.plugins.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:95) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:83) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:142) ~[na:na]
... 33 common frames omitted
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
2016.09.13 15:46:02 WARN web[o.a.c.l.WebappClassLoaderBase] The web application [ROOT] appears to have started a thread named [Abandoned connection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.lang.Object.wait(Native Method)
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43)
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:02 INFO web[o.s.s.a.TomcatAccessLog] Web server is started
2016.09.13 15:46:02 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2016.09.13 15:46:02 WARN web[o.s.p.ProcessEntryPoint] Fail to start web
java.lang.IllegalStateException: Webapp did not start
at org.sonar.server.app.EmbeddedTomcat.isUp(EmbeddedTomcat.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.app.WebServer.isUp(WebServer.java:47) [sonar-server-6.0.jar:na]
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:105) ~[sonar-process-6.0.jar:na]
at org.sonar.server.app.WebServer.main(WebServer.java:68) [sonar-server-6.0.jar:na]
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Pausing ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Stopping ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Destroying ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.s.s.a.TomcatAccessLog] Web server is stopped
2016.09.13 15:46:03 INFO app[o.s.p.m.Monitor] Process[es] is stopping
2016.09.13 15:46:04 INFO es[o.s.p.StopWatcher] Stopping process
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopping ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopped
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closing ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closed
2016.09.13 15:46:04 INFO app[o.s.p.m.Monitor] Process[es] is stopped
<-- Wrapper Stopped
telnet 到 IP 和端口 389 有效
我创建了一个密码更简单的新用户(无特殊字符) 错误更改为以下内容:
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
第一期
这是您错误中的真正问题:
In order to perform this operation a successful bind must be completed on the connection
根据 LDAP Plugin documentation,这些是您应该为 SonarQube 配置以绑定到您的服务器的属性:ldap.bindDn 和 ldap.bindPassword .
但是,看看你的配置:
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
看到那些尾随的点了吗?删除它们应该会让 bind 操作更好地工作。
第二期 您的 Active Directory 返回详细错误:
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
error code 49 (data 52e) 是有趣的部分。对 LDAP 错误代码进行一些谷歌搜索可以为您带来 here 例如:
49 - LDAP_INVALID_CREDENTIALS - Indicates that during a bind operation one of the following occurred: The client passed either an incorrect DN or password, or the password is incorrect because it has expired, intruder detection has locked the account, or another similar reason. See the data code for more information.
底线:修复凭据。
更改了部分
ldap.bindDn =cn=someusername,ou=Users,o=mydomain
至
ldap.bindDn =someusername@mydomain.com
成功了