Summary: | JNDIRealm throws exception after timeout / Connection reset | ||
---|---|---|---|
Product: | Tomcat 7 | Reporter: | Thomas Hoffmann <Thomas.Hoffmann> |
Component: | Catalina | Assignee: | Tomcat Developers Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | P2 | ||
Version: | 7.0.41 | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | All |
Description
Thomas Hoffmann
2013-08-28 12:54:09 UTC
Here is our configuration (some values are censored): <Realm className="org.apache.catalina.realm.JNDIRealm" connectionName="cn=xxx" connectionPassword="xxx" adCompat="true" allRolesMode ="authOnly" connectionTimeout="3000" connectionURL="ldap://srv1:389" alternateURL="ldap://srv2:389" userBase="ou=xxx" userSearch="(sAMAccountName={0})" userSubtree="true" roleSubtree="true" roleBase="ou=xxx" roleName="cn" roleSearch="(member={0})" /> This bug report only contains statements of fact. It does not identify what the problem is. Arguably, a valid warning is being logged. There is no clear issue that needs addressing. A bug report needs to include at least one of: - what happened that you did not expect to happen - what didn't happen that you expected to happen Thanks for your comment! I assumed that some users failed to logon because of this error. According to the code in JNDIRealm.java, Tomcat will try once more after encoutering the above error. Maybe it would be an improvement to change the wording, e.g. "failed to authenticate... trying again..." or something like that. Thank you for your quick reply! This has been fixed for trunk and 7.0.x and will be included in 8.0.0-RC2 onwards and 7.0.43 onwards. The log messages for connection errors where the action is automatically re-tried has been reduced from WARN to INFO and the log message makes clear that the action is being re-tried. |