Error message when trying to connect to LDAP server: Exception performing authentication

(Doc ID 1028852.1)

Last updated on AUGUST 28, 2017

Applies to:

Sun Integrated Composite Application Network (ICAN) - Version 5.0.5 and later
Information in this document applies to any platform.
Sun SeeBeyond Integrated Composite Application Network (ICAN) - Version: 5.0.5 and later
Checked for relevance on 22-MAR-2011
***Checked for relevance on 05-Feb-2013***
***Checked for relevance on 07-July-2014***

Symptoms

The following XML fragment was specified according to section 9.2.4 of the admin guide to get the repository to work with an LDAP server.

-------------------------------------------
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://DS-LDAPL3.DC.GOV:389"
userBase="CN=LDAPHSMP,DC=dc,DC=gov"
userSearch="(cn={0})"
roleBase="CN=Admins,OU=HSMPGroups,OU=districtGroups,DC=dc,DC=gov"
roleName="Admins"
roleSearch="(member={0})"
/>
-------------------------------------------

The LDAP server is up and running, and the following exception is thrown when logging in to Enterprise Designer.

-------------------------------------------
"Unable to connect to repository ..."

The log file contains the following:
2004-08-25 16:32:36 JNDIRealm[Standalone]: Exception performing authentication
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090606, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at javax.naming.directory.InitialDirContext.search(Unknown Source)
at org.apache.catalina.realm.JNDIRealm.getUserBySearch(JNDIRealm.java:1012)
at org.apache.catalina.realm.JNDIRealm.getUser(JNDIRealm.java:901)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:850)
at org.apache.catalina.realm.JNDIRealm.authenticate(JNDIRealm.java:797)
at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:161)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:525)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2415)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:376)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174)
at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995)
at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:223)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:432)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:389)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:534)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:530)
at java.lang.Thread.run(Unknown Source)
-------------------------------------------

Windows 2003 Active Directory Application Mode is used, not an OpenLDAP server.

After adding the following lines to server.xml, which include the connection password encoded in Base64 format, the bind to the LDAP server worked.

-------------------------------------------
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://DS-LDAPL3.DC.GOV:389"
connectionName="CN=LDAPHSMP,DC=dc,DC=gov"
connectionPassword="<PASSWORD>"
userBase="CN=Admins,OU=HSMPGroups,OU=districtGroups,DC=dc,DC=gov"
userPattern="distUserName={0},CN=districtPeople,DC=dc,DC=gov"
userSearch="(uid={0})"
userRoleName="Admins"
userRoleNamePattern="cn={0},DC=dc,DC=gov"
/>
-------------------------------------------
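An added example, not part of the original note or of the product: a Python check over `<Realm>` fragments shaped like the two above. It flags the missing bind credentials that lead to the `000004DC` "successful bind must be completed" error, and two weak points of a configuration that does bind. The sample fragments, the host name `ldap.example.test` and the finding codes are constructed for illustration.

```python
import xml.etree.ElementTree as ET

JNDI_REALM = "org.apache.catalina.realm.JNDIRealm"

def audit_realm(xml_fragment):
    """Return finding codes for one <Realm> element (codes are this example's own)."""
    realm = ET.fromstring(xml_fragment.strip())
    if realm.get("className") != JNDI_REALM:
        return []
    findings = []
    has_creds = bool(realm.get("connectionName")) and bool(realm.get("connectionPassword"))
    searches = realm.get("userSearch") or realm.get("roleSearch")
    # Without connectionName/connectionPassword JNDIRealm connects anonymously;
    # a directory that requires an authenticated bind then rejects the search.
    if searches and not has_creds:
        findings.append("ANONYMOUS_SEARCH")
    # A simple bind over plain ldap:// sends the bind password unencrypted
    # unless the deployment adds transport protection some other way.
    if has_creds and realm.get("connectionURL", "").lower().startswith("ldap://"):
        findings.append("CLEARTEXT_BIND")
    # userPattern is documented as an alternative to userSearch/userBase;
    # setting both makes it unclear which lookup is actually in effect.
    if realm.get("userPattern") and realm.get("userSearch"):
        findings.append("PATTERN_AND_SEARCH")
    return findings

# Constructed samples modelled on the fragments in this note.
NO_BIND = """
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldap://ldap.example.test:389"
       userBase="CN=Users,DC=example,DC=test" userSearch="(cn={0})"
       roleBase="CN=Admins,DC=example,DC=test" roleSearch="(member={0})"/>
"""
WITH_BIND = """
<Realm className="org.apache.catalina.realm.JNDIRealm"
       connectionURL="ldap://ldap.example.test:389"
       connectionName="CN=svc,DC=example,DC=test" connectionPassword="REDACTED"
       userPattern="uid={0},CN=People,DC=example,DC=test" userSearch="(uid={0})"/>
"""
LDAPS_BIND = WITH_BIND.replace("ldap://", "ldaps://").replace(
    'userPattern="uid={0},CN=People,DC=example,DC=test" ', "")

if __name__ == "__main__":
    for name, frag in [("no bind", NO_BIND), ("with bind", WITH_BIND), ("ldaps", LDAPS_BIND)]:
        print(name, audit_realm(frag))
```

Because the bind password lives in server.xml whatever its encoding, read access to that file should be limited to the account that runs the repository server.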

Even adding the following section to server.xml doesn't fix the authorization errors:

-------------------------------------------
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://DS-LDAPL3.DC.GOV:389"
connectionName="CN=LDAPHSMP,DC=dc,DC=gov"
connectionPassword="5T8nYArIsULcH+GN46OZcg=="
userBase="CN=administration,OU=ICANRoles,OU=HSMPGroups,OU=districtGroups,DC=dc,DC=gov"
userSearch="(cn={0})"
roleBase="OU=ICANRoles,OU=HSMPGroups,OU=districtGroups,DC=dc,DC=gov"
roleName="administration"
roleSearch="(member={0})"
/>
-------------------------------------------

Cause
