ldap integration

pawan gandhi wrote:

Hi Everyone,

I am trying to set user roles in hudson. Tried ldap configuations but getting error while doing server entries.

Manage Hudson>>Manage System>> Enable Security >> ldap

While entering value in server textbox (<ip>:389) it say as red color error next to text box

Unable to connect to ldaps://172.26.151.156: javax.naming.CommunicationException: anonymous bind failed: 172.26.151.156:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]


Any help will be greatly appreciated.

Thanks
Pawan

Florian R. wrote:

Hi,

does your LDAP-Server allow anonymous binds? If not you have to click on Advanced and add Manager DN and Password (this should be a user which can connect and read the directory, I recommend to test it using a dedicated LDAP Client).

Florian

pawan gandhi wrote:

Hi Everyone,

I am trying to set user roles in hudson. Tried ldap configuations but getting error while doing server entries.

Manage Hudson>>Manage System>> Enable Security >> ldap

While entering value in server textbox (<ip>:389) it say as red color error next to text box

Unable to connect to ldaps://172.26.151.156: javax.naming.CommunicationException: anonymous bind failed: 172.26.151.156:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]


Any help will be greatly appreciated.

Thanks
Pawan

pawan gandhi wrote:

I have tried again by giving all required values and it did not give me any red bold error on any of the test boxes while entering all info. Then i saved. Checked apache tomcat logs, no errro

A login link came at top right side. When i try to login, it says

Invalid login. The error logs shows below thing. Any idea? It means it is able to reach up to ldap server but authenication is failed. I am using same as for my company system user.

org.acegisecurity.BadCredentialsException: Bad credentials
        at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
        at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
        at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
        at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
        at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
        at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
        at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
        at java.lang.Thread.run(Thread.java:595)
Oct 28, 2009 11:21:47 PM hudson.ExpressionFactory2$JexlExpression evaluate
WARNING: Caught exception evaluating: if (request.session.attribute('from')!=null) request.session.getAttribute('from');  else if (request.getParameter('from')!=null) request.getParameter('from'); else if (request.requestURI=='/loginError' || request.requestURI=='/login') '/'; else request.requestURI;. Reason: java.lang.reflect.InvocationTargetException

Florian R. wrote:

Hi,

does your LDAP-Server allow anonymous binds? If not you have to click on Advanced and add Manager DN and Password (this should be a user which can connect and read the directory, I recommend to test it using a dedicated LDAP Client).

Florian

pawan gandhi wrote:

Hi Everyone,

I am trying to set user roles in hudson. Tried ldap configuations but getting error while doing server entries.

Manage Hudson>>Manage System>> Enable Security >> ldap

While entering value in server textbox (<ip>:389) it say as red color error next to text box

Unable to connect to ldaps://172.26.151.156: javax.naming.CommunicationException: anonymous bind failed: 172.26.151.156:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]


Any help will be greatly appreciated.

Thanks
Pawan

pawanpreeteng wrote:

Hi Everyone,

Could any one help me with LDAP integration with Hudson. I do not get any problem when i do configuration but not able to login later. Same parameters are working for luntbuild (another CI tool).

Server: naldap.win.mycompany.net
root DN:DC: win,DC=mycompany,DC=net
User search base: OU=Users,OU=SomeRegion
User search filter: uid={0}
Group search base: OU=Users,OU=SomeRegion
Manager DN: CN=svcQueryAD,OU=Users,OU=SomeRegion,DC=win,DC=mycompany,DC=net
Manager Password: *************


Just for now, i selected "Anyone can do anything"



Can any one can help me to accomplish my login.


Thanks
Pawan

pawan gandhi wrote:

I have tried again by giving all required values and it did not give me any red bold error on any of the test boxes while entering all info. Then i saved. Checked apache tomcat logs, no errro

A login link came at top right side. When i try to login, it says

Invalid login. The error logs shows below thing. Any idea? It means it is able to reach up to ldap server but authenication is failed. I am using same as for my company system user.

org.acegisecurity.BadCredentialsException: Bad credentials
        at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
        at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
        at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
        at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
        at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
        at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
        at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
        at java.lang.Thread.run(Thread.java:595)
Oct 28, 2009 11:21:47 PM hudson.ExpressionFactory2$JexlExpression evaluate
WARNING: Caught exception evaluating: if (request.session.attribute('from')!=null) request.session.getAttribute('from');  else if (request.getParameter('from')!=null) request.getParameter('from'); else if (request.requestURI=='/loginError' || request.requestURI=='/login') '/'; else request.requestURI;. Reason: java.lang.reflect.InvocationTargetException

Florian R. wrote:

Hi,

does your LDAP-Server allow anonymous binds? If not you have to click on Advanced and add Manager DN and Password (this should be a user which can connect and read the directory, I recommend to test it using a dedicated LDAP Client).

Florian

pawan gandhi wrote:

Hi Everyone,

I am trying to set user roles in hudson. Tried ldap configuations but getting error while doing server entries.

Manage Hudson>>Manage System>> Enable Security >> ldap

While entering value in server textbox (<ip>:389) it say as red color error next to text box

Unable to connect to ldaps://172.26.151.156: javax.naming.CommunicationException: anonymous bind failed: 172.26.151.156:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]


Any help will be greatly appreciated.

Thanks
Pawan

Sri Bolle wrote:

LDAP authorization requires the user to be preexisted in Hudson. You add
your ID with full admin rights and then enable LDAP.

On Thu, Nov 5, 2009 at 10:29 AM, pawanpreeteng <pawanpreeteng@gmail.com>wrote:

>
> Adding more information:
>
> Error while login on Hudson site is given below:
>
> WARNING: Parameters: Invalid chunk ignored.
> Nov 4, 2009 12:35:22 PM hudson.security.AuthenticationProcessingFilter2
> onUnsuccessfulAuthentication
> INFO: Login attempt failed
>  org.acegisecurity.BadCredentialsException: Bad credentials
>        at
>
> org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
>        at
>
> org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
>        at
>
> org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
>        at
>
> org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
>        at
>
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
>        at
>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
>        at
>
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
>        at
>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
>        at
>
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
>        at
>
> hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
>        at
>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
>        at
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
>        at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
>        at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>        at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>        at
>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>        at
>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
>        at
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
>        at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>        at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>        at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>        at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
>        at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
>        at
>
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
>        at
>
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
>        at
>
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
>        at
>
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
>        at java.lang.Thread.run(Thread.java:595)
> [
>
> pawanpreeteng wrote:
> >
> > Hi Everyone,
> >
> > Could any one help me with LDAP integration with Hudson. I do not get any
> > problem when i do configuration but not able to login later. Same
> > parameters are working for luntbuild (another CI tool).
> >
> > Server: naldap.win.mycompany.net
> > root DN:DC: win,DC=mycompany,DC=net
> > User search base: OU=Users,OU=SomeRegion
> > User search filter: uid={0}
> > Group search base: OU=Users,OU=SomeRegion
> > Manager DN:
> > CN=svcQueryAD,OU=Users,OU=SomeRegion,DC=win,DC=mycompany,DC=net
> > Manager Password: *************
> >
> >
> > Just for now, i selected "Anyone can do anything"
> >
> >
> >
> > Can any one can help me to accomplish my login.
> >
> >
> > Thanks
> > Pawan
> >
> >
> >
> >
> > pawan gandhi wrote:
> >>
> >> I have tried again by giving all required values and it did not give me
> >> any red bold error on any of the test boxes while entering all info.
> Then
> >> i saved. Checked apache tomcat logs, no errro
> >>
> >> A login link came at top right side. When i try to login, it says
> >>
> >> Invalid login. The error logs shows below thing. Any idea? It means it
> is
> >> able to reach up to ldap server but authenication is failed. I am using
> >> same as for my company system user.
> >>
> >> org.acegisecurity.BadCredentialsException: Bad credentials
> >>         at
> >>
> org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
> >>         at
> >>
> org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
> >>         at
> >>
> org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
> >>         at
> >>
> org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
> >>         at
> >>
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
> >>         at
> >>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
> >>         at
> >>
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
> >>         at
> >>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
> >>         at
> >>
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
> >>         at
> >>
> hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
> >>         at
> >>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
> >>         at
> >>
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
> >>         at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
> >>         at
> >>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> >>         at
> >>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >>         at
> >>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> >>         at
> >>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> >>         at
> >>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
> >>         at
> >>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> >>         at
> >>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> >>         at
> >>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> >>         at
> >>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
> >>         at
> >>
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
> >>         at
> >>
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> >>         at
> >>
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> >>         at
> >>
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> >>         at
> >>
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
> >>         at java.lang.Thread.run(Thread.java:595)
> >> Oct 28, 2009 11:21:47 PM hudson.ExpressionFactory2$JexlExpression
> >> evaluate
> >> WARNING: Caught exception evaluating: if
> >> (request.session.attribute('from')!=null)
> >> request.session.getAttribute('from');  else if
> >> (request.getParameter('from')!=null) request.getParameter('from'); else
> >> if (request.requestURI=='/loginError' || request.requestURI=='/login')
> >> '/'; else request.requestURI;. Reason:
> >> java.lang.reflect.InvocationTargetException
> >>
> >>
> >>
> >> Florian R. wrote:
> >>>
> >>> Hi,
> >>>
> >>> does your LDAP-Server allow anonymous binds? If not you have to click
> on
> >>> Advanced and add Manager DN and Password (this should be a user which
> >>> can connect and read the directory, I recommend to test it using a
> >>> dedicated LDAP Client).
> >>>
> >>> Florian
> >>>
> >>>
> >>> pawan gandhi wrote:
> >>>>
> >>>> Hi Everyone,
> >>>>
> >>>> I am trying to set user roles in hudson. Tried ldap configuations but
> >>>> getting error while doing server entries.
> >>>>
> >>>> Manage Hudson>>Manage System>> Enable Security >> ldap
> >>>>
> >>>> While entering value in server textbox (<ip>:389) it say as red color
> >>>> error next to text box
> >>>>
> >>>> Unable to connect to ldaps://172.26.151.156:
> >>>> javax.naming.CommunicationException: anonymous bind failed:
> >>>> 172.26.151.156:636 [Root exception is
> >>>> javax.net.ssl.SSLHandshakeException:
> >>>> sun.security.validator.ValidatorException: PKIX path building failed:
> >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> >>>> find valid certification path to requested target]
> >>>>
> >>>>
> >>>> Any help will be greatly appreciated.
> >>>>
> >>>> Thanks
> >>>> Pawan
> >>>>
> >>>>
> >>>
> >>>
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://n4.nabble.com/ldap-integration-tp384162p510142.html
>  Sent from the Hudson users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@hudson.dev.java.net
> For additional commands, e-mail: users-help@hudson.dev.java.net
>
>

Sri Bolle wrote:

LDAP authorization requires the user to be preexisted in Hudson. You add
your ID with full admin rights and then enable LDAP.

On Thu, Nov 5, 2009 at 10:29 AM, pawanpreeteng <pawanpreeteng@gmail.com>wrote:

>
> Adding more information:
>
> Error while login on Hudson site is given below:
>
> WARNING: Parameters: Invalid chunk ignored.
> Nov 4, 2009 12:35:22 PM hudson.security.AuthenticationProcessingFilter2
> onUnsuccessfulAuthentication
> INFO: Login attempt failed
>  org.acegisecurity.BadCredentialsException: Bad credentials
>        at
>
> org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
>        at
>
> org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
>        at
>
> org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
>        at
>
> org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
>        at
>
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
>        at
>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
>        at
>
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
>        at
>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
>        at
>
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
>        at
>
> hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
>        at
>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
>        at
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
>        at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
>        at
>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>        at
>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>        at
>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>        at
>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
>        at
>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
>        at
>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>        at
>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>        at
>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>        at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
>        at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
>        at
>
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
>        at
>
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
>        at
>
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
>        at
>
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
>        at java.lang.Thread.run(Thread.java:595)
> [
>
> pawanpreeteng wrote:
> >
> > Hi Everyone,
> >
> > Could any one help me with LDAP integration with Hudson. I do not get any
> > problem when i do configuration but not able to login later. Same
> > parameters are working for luntbuild (another CI tool).
> >
> > Server: naldap.win.mycompany.net
> > root DN:DC: win,DC=mycompany,DC=net
> > User search base: OU=Users,OU=SomeRegion
> > User search filter: uid={0}
> > Group search base: OU=Users,OU=SomeRegion
> > Manager DN:
> > CN=svcQueryAD,OU=Users,OU=SomeRegion,DC=win,DC=mycompany,DC=net
> > Manager Password: *************
> >
> >
> > Just for now, i selected "Anyone can do anything"
> >
> >
> >
> > Can any one can help me to accomplish my login.
> >
> >
> > Thanks
> > Pawan
> >
> >
> >
> >
> > pawan gandhi wrote:
> >>
> >> I have tried again by giving all required values and it did not give me
> >> any red bold error on any of the test boxes while entering all info.
> Then
> >> i saved. Checked apache tomcat logs, no errro
> >>
> >> A login link came at top right side. When i try to login, it says
> >>
> >> Invalid login. The error logs shows below thing. Any idea? It means it
> is
> >> able to reach up to ldap server but authenication is failed. I am using
> >> same as for my company system user.
> >>
> >> org.acegisecurity.BadCredentialsException: Bad credentials
> >>         at
> >>
> org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
> >>         at
> >>
> org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
> >>         at
> >>
> org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
> >>         at
> >>
> org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
> >>         at
> >>
> org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
> >>         at
> >>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
> >>         at
> >>
> org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
> >>         at
> >>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
> >>         at
> >>
> org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
> >>         at
> >>
> hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
> >>         at
> >>
> hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
> >>         at
> >>
> hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
> >>         at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
> >>         at
> >>
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> >>         at
> >>
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> >>         at
> >>
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> >>         at
> >>
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> >>         at
> >>
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
> >>         at
> >>
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> >>         at
> >>
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> >>         at
> >>
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> >>         at
> >>
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
> >>         at
> >>
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
> >>         at
> >>
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> >>         at
> >>
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> >>         at
> >>
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> >>         at
> >>
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
> >>         at java.lang.Thread.run(Thread.java:595)
> >> Oct 28, 2009 11:21:47 PM hudson.ExpressionFactory2$JexlExpression
> >> evaluate
> >> WARNING: Caught exception evaluating: if
> >> (request.session.attribute('from')!=null)
> >> request.session.getAttribute('from');  else if
> >> (request.getParameter('from')!=null) request.getParameter('from'); else
> >> if (request.requestURI=='/loginError' || request.requestURI=='/login')
> >> '/'; else request.requestURI;. Reason:
> >> java.lang.reflect.InvocationTargetException
> >>
> >>
> >>
> >> Florian R. wrote:
> >>>
> >>> Hi,
> >>>
> >>> does your LDAP-Server allow anonymous binds? If not you have to click
> on
> >>> Advanced and add Manager DN and Password (this should be a user which
> >>> can connect and read the directory, I recommend to test it using a
> >>> dedicated LDAP Client).
> >>>
> >>> Florian
> >>>
> >>>
> >>> pawan gandhi wrote:
> >>>>
> >>>> Hi Everyone,
> >>>>
> >>>> I am trying to set user roles in hudson. Tried ldap configuations but
> >>>> getting error while doing server entries.
> >>>>
> >>>> Manage Hudson>>Manage System>> Enable Security >> ldap
> >>>>
> >>>> While entering value in server textbox (<ip>:389) it say as red color
> >>>> error next to text box
> >>>>
> >>>> Unable to connect to ldaps://172.26.151.156:
> >>>> javax.naming.CommunicationException: anonymous bind failed:
> >>>> 172.26.151.156:636 [Root exception is
> >>>> javax.net.ssl.SSLHandshakeException:
> >>>> sun.security.validator.ValidatorException: PKIX path building failed:
> >>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to
> >>>> find valid certification path to requested target]
> >>>>
> >>>>
> >>>> Any help will be greatly appreciated.
> >>>>
> >>>> Thanks
> >>>> Pawan
> >>>>
> >>>>
> >>>
> >>>
> >>
> >>
> >
> >
>
> --
> View this message in context:
> http://n4.nabble.com/ldap-integration-tp384162p510142.html
>  Sent from the Hudson users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@hudson.dev.java.net
> For additional commands, e-mail: users-help@hudson.dev.java.net
>
>

Florian R. wrote:

Hi,

does your LDAP-Server allow anonymous binds? If not you have to click on Advanced and add Manager DN and Password (this should be a user which can connect and read the directory, I recommend to test it using a dedicated LDAP Client).

Florian

pawan gandhi wrote:

Hi Everyone,

I am trying to set user roles in hudson. Tried ldap configuations but getting error while doing server entries.

Manage Hudson>>Manage System>> Enable Security >> ldap

While entering value in server textbox (<ip>:389) it say as red color error next to text box

Unable to connect to ldaps://172.26.151.156: javax.naming.CommunicationException: anonymous bind failed: 172.26.151.156:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]


Any help will be greatly appreciated.

Thanks
Pawan

pawanpreeteng wrote:

Error while log in is

Nov 8, 2009 12:53:26 AM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication
INFO: Login attempt failed
org.acegisecurity.BadCredentialsException: Bad credentials
        at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:122)
        at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
        at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
        at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
        at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
        at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
        at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
        at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
        at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThre

Florian R. wrote:

Hi,

does your LDAP-Server allow anonymous binds? If not you have to click on Advanced and add Manager DN and Password (this should be a user which can connect and read the directory, I recommend to test it using a dedicated LDAP Client).

Florian

pawan gandhi wrote:

Hi Everyone,

I am trying to set user roles in hudson. Tried ldap configuations but getting error while doing server entries.

Manage Hudson>>Manage System>> Enable Security >> ldap

While entering value in server textbox (<ip>:389) it say as red color error next to text box

Unable to connect to ldaps://172.26.151.156: javax.naming.CommunicationException: anonymous bind failed: 172.26.151.156:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]


Any help will be greatly appreciated.

Thanks
Pawan