org.acegisecurity.AuthenticationServiceException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''

Jenkins JIRA | karlyu | 6 years ago
  1. 0

    I created a Hudson site on ubuntu, and config the access control using LDAP. The LDAP configuration is set according following set which is used in our apache server(I use 'company' replace our company name): "ldap://ids.company.com:389/ou=People,ou=Intranet,dc=company,dc=com?uid?sub?(objectClass=*)" Here's the Hudson config: <useSecurity>true</useSecurity> <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/> <securityRealm class="hudson.security.LDAPSecurityRealm"> <server>ldap://ids.company.com:389</server> <rootDN>dc=company,dc=com</rootDN> <userSearchBase>ou=people,ou=intranet</userSearchBase> <userSearch>uid={0}</userSearch> </securityRealm> bug got error info: " an 11, 2011 9:51:13 AM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication INFO: Login attempt failed org.acegisecurity.AuthenticationServiceException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name '' at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238) at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Thread.java:662) " I have checked our company about the LDAP policy, it's no need to give the bind db via intranet, so can anyone help me about this problem? Thank you in advance!

    Jenkins JIRA | 6 years ago | karlyu
    org.acegisecurity.AuthenticationServiceException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''
  2. 0

    I created a Hudson site on ubuntu, and config the access control using LDAP. The LDAP configuration is set according following set which is used in our apache server(I use 'company' replace our company name): "ldap://ids.company.com:389/ou=People,ou=Intranet,dc=company,dc=com?uid?sub?(objectClass=*)" Here's the Hudson config: <useSecurity>true</useSecurity> <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/> <securityRealm class="hudson.security.LDAPSecurityRealm"> <server>ldap://ids.company.com:389</server> <rootDN>dc=company,dc=com</rootDN> <userSearchBase>ou=people,ou=intranet</userSearchBase> <userSearch>uid={0}</userSearch> </securityRealm> bug got error info: " an 11, 2011 9:51:13 AM hudson.security.AuthenticationProcessingFilter2 onUnsuccessfulAuthentication INFO: Login attempt failed org.acegisecurity.AuthenticationServiceException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name '' at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238) at org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119) at org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195) at org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45) at org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at winstone.FilterConfiguration.execute(FilterConfiguration.java:195) at winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368) at winstone.RequestDispatcher.forward(RequestDispatcher.java:333) at winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244) at winstone.RequestHandlerThread.run(RequestHandlerThread.java:150) at java.lang.Thread.run(Thread.java:662) " I have checked our company about the LDAP policy, it's no need to give the bind db via intranet, so can anyone help me about this problem? Thank you in advance!

    Jenkins JIRA | 6 years ago | karlyu
    org.acegisecurity.AuthenticationServiceException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''
  3. 0

    [JENKINS-8569] DomainDnsZones UnknownHostException - Jenkins JIRA

    jenkins-ci.org | 8 months ago
    org.acegisecurity.AuthenticationServiceException: LdapCallback;null; nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: DomainDnsZones.internal.synopsys.com:389 [Root exception is java.net.ConnectException: Connection timed out]]; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;null; nested exception is javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: DomainDnsZones.internal.synopsys.com:389 [Root exception is java.net.ConnectException: Connection timed out]]
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. org.acegisecurity.AuthenticationServiceException

      LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''; nested exception is org.acegisecurity.ldap.LdapDataAccessException: LdapCallback;[LDAP: error code 50 - Search access not permitted with that filter]; nested exception is javax.naming.NoPermissionException: [LDAP: error code 50 - Search access not permitted with that filter]; remaining name ''

      at org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser()
    2. Acegi Security Core
      AbstractProcessingFilter.doFilter
      1. org.acegisecurity.providers.ldap.LdapAuthenticationProvider.retrieveUser(LdapAuthenticationProvider.java:238)
      2. org.acegisecurity.providers.dao.AbstractUserDetailsAuthenticationProvider.authenticate(AbstractUserDetailsAuthenticationProvider.java:119)
      3. org.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:195)
      4. org.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:45)
      5. org.acegisecurity.ui.webapp.AuthenticationProcessingFilter.attemptAuthentication(AuthenticationProcessingFilter.java:71)
      6. org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:252)
      6 frames
    3. Hudson
      ChainedServletFilter$1.doFilter
      1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      1 frame
    4. Acegi Security Core
      BasicProcessingFilter.doFilter
      1. org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:173)
      1 frame
    5. Hudson
      ChainedServletFilter$1.doFilter
      1. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      1 frame
    6. Acegi Security Core
      HttpSessionContextIntegrationFilter.doFilter
      1. org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      1 frame
    7. Hudson
      HudsonFilter.doFilter
      1. hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:66)
      2. hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      3. hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
      4. hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
      4 frames
    8. winstone
      RequestHandlerThread.run
      1. winstone.FilterConfiguration.execute(FilterConfiguration.java:195)
      2. winstone.RequestDispatcher.doFilter(RequestDispatcher.java:368)
      3. winstone.RequestDispatcher.forward(RequestDispatcher.java:333)
      4. winstone.RequestHandlerThread.processRequest(RequestHandlerThread.java:244)
      5. winstone.RequestHandlerThread.run(RequestHandlerThread.java:150)
      5 frames
    9. Java RT
      Thread.run
      1. java.lang.Thread.run(Thread.java:662)
      1 frame