尝试通过sonarqube连接到LDAP时出现这些错误:
2016.09.13 09:35:16 DEBUG web [o.s.p.l.LdapUsersProvider]请求用户sonartester的详细信息 2016.09.13 09:35:16 DEBUG web [osplLdapSearch]搜索:LdapSearch {baseDn = cn = Users,dc = mydomain ,dc = com,scope = subtree,request =(&(objectClass) = user)(sAMAccountName = {0})),parameters = [sonartester],attributes = [mail,cn]} 2016.09.13 09:35:16 DEBUG web [osplLdapContextFactory]初始化LDAP上下文{java.naming.provider.url = ldap:// myip :389,java.naming.factory.initial = com .sun.jndi.ldap.LdapCtxFactory,com.sun.jndi.ldap.connect.pool = true,java.naming.security.authentication = simple,java.naming.security.sasl.realm = mydomain .com,java.naming.referral = follow} 2016.09.13 09:35:16 DEBUG web [osplLdapUsersProvider] [LDAP:错误代码1 - 000004DC:LdapErr:DSID-0C090728,注释:为了执行此操作,必须在连接上完成成功绑定。,数据0 ,v2580] javax.naming.NamingException:[LDAP:错误代码1 - 000004DC:LdapErr:DSID-0C090728,注释:为了执行此操作,必须在连接上完成成功绑定。,data 0,v2580]
...
2016.09.13 09:35:16 DEBUG web [o.s.p.l.LdapUsersProvider]找不到用户sonartester 2016.09.13 09:35:16 ERROR web [o.s.s.a.RealmAuthenticator]认证失误 org.sonar.api.utils.SonarException:无法检索用户sonartester的详细信息 2016.09.13 09:35:16 DEBUG web [o.s.p.l.LdapUsersProvider]未找到用户sonartester 2016.09.13 09:35:16 ERROR web [o.s.s.a.RealmAuthenticator]认证失误 org.sonar.api.utils.SonarException:无法在
中检索用户sonartester的详细信息
我创建了用户OU中的用户SONARTEST以及my-group的成员。 该组也位于Users OU中。 这是我的配置:
sonar.security.realm=LDAP
sonar.authenticator.createUsers=true
ldap.url=ldap://myip:389
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
ldap.authentication=simple
ldap.realm=mydomain.com
ldap.user.baseDn=cn=Users,dc=mydomain,dc=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.group.baseDn=ou=Users,dc=mydomain,dc=com
ldap.group.request=(&(objectClass=my-group)(member={dn}))
ldap.group.idAttribute=sAMAccountName
用于绑定的用户具有所有必要的权限,也可以在Users OU中找到。我使用相同的用户连接到 confluence 上的ldap,一切都很顺利。 如果有人可以帮助我,那就太棒了。 Thaks
感谢Nicolas的回复
在重新启动无法启动的服务时,删除这些点会产生另一个错误。
2016.09.13 15:46:00 INFO web[org.sonar.INFO] Security realm: LDAP
2016.09.13 15:46:00 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=Users,dc=mydomain,dc=com, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2016.09.13 15:46:01 INFO web[o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=Users,dc=mydomain,dc=com, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=mygroup)(member={0}))}
2016.09.13 15:46:01 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=someusername,ou=Users,o=mydomain, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow}
2016.09.13 15:46:02 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL
2016.09.13 15:46:02 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener
java.lang.IllegalStateException: Unable to open LDAP connection
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:146) ~[na:na]
at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:64) ~[na:na]
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84) ~[sonar-server-6.0.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_91]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_91]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_91]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:320) ~[sonar-core-6.0.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:687) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.start(Platform.java:216) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:190) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:113) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-6.0.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91]
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_91]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_91]
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_91]
at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_91]
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_91]
at org.sonar.plugins.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:95) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:83) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:142) ~[na:na]
... 33 common frames omitted
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
2016.09.13 15:46:02 WARN web[o.a.c.l.WebappClassLoaderBase] The web application [ROOT] appears to have started a thread named [Abandoned connection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.lang.Object.wait(Native Method)
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43)
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:02 INFO web[o.s.s.a.TomcatAccessLog] Web server is started
2016.09.13 15:46:02 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2016.09.13 15:46:02 WARN web[o.s.p.ProcessEntryPoint] Fail to start web
java.lang.IllegalStateException: Webapp did not start
at org.sonar.server.app.EmbeddedTomcat.isUp(EmbeddedTomcat.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.app.WebServer.isUp(WebServer.java:47) [sonar-server-6.0.jar:na]
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:105) ~[sonar-process-6.0.jar:na]
at org.sonar.server.app.WebServer.main(WebServer.java:68) [sonar-server-6.0.jar:na]
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Pausing ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Stopping ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Destroying ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.s.s.a.TomcatAccessLog] Web server is stopped
2016.09.13 15:46:03 INFO app[o.s.p.m.Monitor] Process[es] is stopping
2016.09.13 15:46:04 INFO es[o.s.p.StopWatcher] Stopping process
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopping ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopped
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closing ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closed
2016.09.13 15:46:04 INFO app[o.s.p.m.Monitor] Process[es] is stopped
<-- Wrapper Stopped
telnet到IP和端口389工作
我创建了一个密码更简单的新用户(没有特殊字符) 错误更改为以下内容:
引起:javax.naming.AuthenticationException:[LDAP:错误代码49 - 80090308:LdapErr:DSID-0C0903C5,注释:AcceptSecurityContext错误,数据52e,v2580]
答案 0 :(得分:1)
更改了部分
ldap.bindDn = cn = someusername,ou = Users,o = mydomain
到
ldap.bindDn =someusername@mydomain.com
并且有效
答案 1 :(得分:0)
第一期
这是您错误中的真正问题:
为了执行此操作,必须在连接上完成成功绑定
根据LDAP Plugin documentation,这些是您应为SonarQube配置以绑定到服务器的属性: ldap.bindDn 和 ldap.bindPassword 。
然后,看着你的配置:
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
看到那些尾随的点?删除它们应该让 bind 操作更好。
第二期 您的Active Directory返回了一个详细错误:
[LDAP:错误代码49 - 80090308:LdapErr:DSID-0C0903C5,评论:AcceptSecurityContext错误,数据52e,v2580]
error code 49(data 52e)是有趣的部分。关于LDAP错误代码的一些谷歌搜索会为您带来here,例如:
49 - LDAP_INVALID_CREDENTIALS - 表示在绑定操作期间发生以下情况之一:客户端传递了错误的DN或密码,或密码错误,因为它已过期,入侵者检测已锁定帐户或其他类似原因。有关详细信息,请参阅数据代码。
底线:修复凭据。