Sonarqube LDAP: код ошибки 1 и 49

Question

я получили эти ошибки при попытке подключения к LDAP с помощью sonarqube:

2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] Requesting details for user sonartester 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=cn=Users,dc=mydomain,dc=com, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[sonartester], attributes=[mail, cn]} 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow} 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580] javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]

....

2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in 2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in 2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in 2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in

я создал пользователь SONARTEST найденный в подразделению пользователей и члене моей группы. Группа также находится в OU пользователей. Вот мой конфиг:

sonar.security.realm=LDAP 
sonar.authenticator.createUsers=true 
ldap.url=ldap://myip:389 
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain 
ldap.bindPassword.=somepassword 
ldap.authentication=simple 
ldap.realm=mydomain.com 

ldap.user.baseDn=cn=Users,dc=mydomain,dc=com 
ldap.user.request=(&(objectClass=user)(sAMAccountName={login})) 
ldap.user.realNameAttribute=cn 

ldap.group.baseDn=ou=Users,dc=mydomain,dc=com 
ldap.group.request=(&(objectClass=my-group)(member={dn})) 
ldap.group.idAttribute=sAMAccountName 

Пользователь используется для привязки имеет все необходимые права, и находится в OU пользователей также. Я использовал одного и того же пользователя для подключения к ldap по адресу confluence, и все прошло хорошо. Отлично, если кто-то может мне помочь. Thaks

---

спасибо Николя за ответ

Удаление точек дает другую ошибку при перезапуске службы, которая не в состоянии начать.

2016.09.13 15:46:00 INFO web[org.sonar.INFO] Security realm: LDAP 
2016.09.13 15:46:00 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=Users,dc=mydomain,dc=com, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail} 
2016.09.13 15:46:01 INFO web[o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=Users,dc=mydomain,dc=com, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=mygroup)(member={0}))} 
2016.09.13 15:46:01 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=someusername,ou=Users,o=mydomain, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow} 
2016.09.13 15:46:02 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL 
2016.09.13 15:46:02 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener 
java.lang.IllegalStateException: Unable to open LDAP connection 
     at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:146) ~[na:na] 
     at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:64) ~[na:na] 
     at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84) ~[sonar-server-6.0.jar:na] 
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91] 
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_91] 
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_91] 
     at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_91] 
     at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na] 
     at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:320) ~[sonar-core-6.0.jar:na] 
     at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na] 
     at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na] 
     at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-6.0.jar:na] 
     at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:687) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.platform.Platform.start(Platform.java:216) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:190) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.platform.Platform.doStart(Platform.java:113) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-6.0.jar:na] 
     at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32] 
     at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32] 
     at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32] 
     at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32] 
     at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32] 
     at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_91] 
     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91] 
     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91] 
     at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91] 
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580] 
     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_91] 
     at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_91] 
     at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_91] 
     at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_91] 
     at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_91] 
     at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_91] 
     at org.sonar.plugins.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:95) ~[na:na] 
     at org.sonar.plugins.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:83) ~[na:na] 
     at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:142) ~[na:na] 
     ... 33 common frames omitted 
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file 
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors 
2016.09.13 15:46:02 WARN web[o.a.c.l.WebappClassLoaderBase] The web application [ROOT] appears to have started a thread named [Abandoned connection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread: 
java.lang.Object.wait(Native Method) 
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143) 
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43) 
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"] 
2016.09.13 15:46:02 INFO web[o.s.s.a.TomcatAccessLog] Web server is started 
2016.09.13 15:46:02 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000 
2016.09.13 15:46:02 WARN web[o.s.p.ProcessEntryPoint] Fail to start web 
java.lang.IllegalStateException: Webapp did not start 
     at org.sonar.server.app.EmbeddedTomcat.isUp(EmbeddedTomcat.java:84) ~[sonar-server-6.0.jar:na] 
     at org.sonar.server.app.WebServer.isUp(WebServer.java:47) [sonar-server-6.0.jar:na] 
     at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:105) ~[sonar-process-6.0.jar:na] 
     at org.sonar.server.app.WebServer.main(WebServer.java:68) [sonar-server-6.0.jar:na] 
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Pausing ProtocolHandler ["http-nio-0.0.0.0-9000"] 
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Stopping ProtocolHandler ["http-nio-0.0.0.0-9000"] 
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Destroying ProtocolHandler ["http-nio-0.0.0.0-9000"] 
2016.09.13 15:46:03 INFO web[o.s.s.a.TomcatAccessLog] Web server is stopped 
2016.09.13 15:46:03 INFO app[o.s.p.m.Monitor] Process[es] is stopping 
2016.09.13 15:46:04 INFO es[o.s.p.StopWatcher] Stopping process 
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopping ... 
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopped 
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closing ... 
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closed 
2016.09.13 15:46:04 INFO app[o.s.p.m.Monitor] Process[es] is stopped 
<-- Wrapper Stopped 

телнета к IP и порту 389 работ

---

Я создал новый пользователь с простым паролем (без специальных символов) Ошибки изменена на следующее:

Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]

Answer 1

изменили часть

ldap.bindDn =cn=someusername,ou=Users,o=mydomain

в

ldap.bindDn =someusername@mydomain.com

и работал

Answer 2

Первый номер

Это реальная проблема в вашей ошибки:

In order to perform this operation a successful bind must be completed on the connection

В соответствии LDAP Plugin documentation эти свойства, которые вы должны настроить для SonarQube связываться с вашим сервером: ldap.bindDn и ldap.bindPassword.

Но, глядя на ваш конфиг:

ldap.bindDn.=cn=someusername,ou=Users,o=mydomain 
ldap.bindPassword.=somepassword 

Смотрите эти завершающие точки прямо там? Удаление их должно позволить операции связывать.

---

Второй выпуск Ваш Active Directory возвращает подробную ошибку:

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]

error code 49 (data 52e) интересная часть. Немного прибегая к помощи по кодам ошибок LDAP приносит вам here, например:

49 - LDAP_INVALID_CREDENTIALS - Indicates that during a bind operation one of the following occurred: The client passed either an incorrect DN or password, or the password is incorrect because it has expired, intruder detection has locked the account, or another similar reason. See the data code for more information.

Итог: исправить учетные данные.