Dear Paul,
I have checked the IP address, login and password with AD Explorer; they are all correct and I have not found any inconsistency.
You mentioned that it is hard to tell the reason for my problem without a stack trace, so let me provide my stack trace for your investigation. The messages below are raised every time I try to log in to Flowable.
Please review this stack trace when you have time:
03:37:19,031 [http-nio-8080-exec-22] WARN org.flowable.ldap.LDAPConnectionUtil - Could not create InitialDirContext for LDAP connection : 192.160.0.1:389
03:37:19,036 [http-nio-8080-exec-22] INFO org.flowable.ldap.LDAPTemplate - Could not create LDAP connection : Could not create InitialDirContext for LDAP connection : 192.160.0.1:389
org.flowable.engine.common.api.FlowableException: Could not create InitialDirContext for LDAP connection : 192.160.0.1:389
at org.flowable.ldap.LDAPConnectionUtil.createDirectoryContext(LDAPConnectionUtil.java:57)
at org.flowable.ldap.LDAPConnectionUtil.creatDirectoryContext(LDAPConnectionUtil.java:35)
at org.flowable.ldap.LDAPTemplate.execute(LDAPTemplate.java:38)
at org.flowable.ldap.LDAPIdentityServiceImpl.executeCheckPassword(LDAPIdentityServiceImpl.java:147)
at org.flowable.ldap.LDAPIdentityServiceImpl.checkPassword(LDAPIdentityServiceImpl.java:64)
at org.flowable.app.security.CustomLdapAuthenticationProvider.authenticate(CustomLdapAuthenticationProvider.java:47)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:167)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:192)
at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:93)
at org.flowable.app.web.CustomUsernamePasswordAuthenticationFilter.attemptAuthentication(CustomUsernamePasswordAuthenticationFilter.java:39)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:80)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:624)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:341)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:799)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:861)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1455)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.naming.CommunicationException: 192.168.0.1:389 [Root exception is java.net.ConnectException: Connection timed out (Connection timed out)]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:226)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.InitialContext.<init>(InitialContext.java:216)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
at org.flowable.ldap.LDAPConnectionUtil.createDirectoryContext(LDAPConnectionUtil.java:54)
... 43 more
Caused by: java.net.ConnectException: Connection timed out (Connection timed out)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at java.net.Socket.connect(Socket.java:538)
at java.net.Socket.<init>(Socket.java:434)
at java.net.Socket.<init>(Socket.java:211)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:363)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:203)
... 57 more
My current configuration is:
ldap.enabled=true
ldap.server=ldap://192.160.0.1
ldap.port=389
ldap.user=CN=admin1,CN=Users,DC=domain,DC=company,DC=kz
ldap.password=pass
ldap.basedn=CN=Users,DC=domain,DC=company,DC=kz
ldap.userbasedn=
ldap.groupbasedn=
ldap.query.userbyid=(&(sAMAccountName={0})(objectClass=user))
ldap.query.userbyname=(&(objectClass=user)(memberOf\=CN\=Users,DC\=domain,DC\=company,DC\=kz)(|({0}=*{1}*)({2}=*{3}*)))
ldap.query.userall=(&(objectclass=user)(memberOf\=CN\=Users,DC\=domain,DC\=company,DC\=kz))
ldap.query.groupsforuser=(member={0})
ldap.query.groupall=(&(objectClass=group)(cn=Users))
ldap.attribute.userid=sAMAccountName
ldap.attribute.firstname=givenName
ldap.attribute.lastname=sn
ldap.attribute.email=mail
ldap.attribute.groupid=cn
ldap.attribute.groupname=cn
ldap.cache.groupsize=10000
ldap.cache.groupexpiration=180000
admin.userid=admin1
I also tried changing the following, but with no success:
ldap.userbasedn=CN=Users,DC=domain.company.kz
ldap.groupbasedn=CN=Users,DC=domain.company.kz
or
ldap.userbasedn=CN=Users,DC=domain,DC=company,DC=kz
ldap.groupbasedn=CN=Users,DC=domain,DC=company,DC=kz
I also tried the following configuration, BUT also with no success: I can't authenticate/authorize in flowable-idm (with login: admin1):
ldap.enabled=true
ldap.server=ldap://192.160.0.1
ldap.port=389
ldap.user=CN=admin1,CN=Users,DC=domain.company.kz (also used: CN=Users,DC=domain,DC=company,DC=kz)
ldap.password=pass
ldap.basedn=CN=Users,DC=domain.company.kz (also used: CN=Users,DC=domain,DC=company,DC=kz)
ldap.userbasedn=
ldap.groupbasedn=CN=Users
ldap.query.userbyid=(&(sAMAccountName={0})(objectClass=user))
ldap.query.userbyname=
ldap.query.userall=
ldap.query.groupsforuser=
ldap.query.groupall=
ldap.attribute.userid=sAMAccountName
ldap.attribute.firstname=givenName
ldap.attribute.lastname=sn
ldap.attribute.email=mail
ldap.attribute.groupid=cn
ldap.attribute.groupname=cn
ldap.cache.groupsize=10000
ldap.cache.groupexpiration=180000
This is the response to the POST request (to http://192.168.0.90:8080/flowable-idm/app/authentication) from the flowable-idm login page (http://192.168.0.90:8080/flowable-idm/#/login):
<!doctype html><html lang="en"><head><title>HTTP Status 500 – Internal Server Error</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1><hr class="line" /><p><b>Type</b> Exception Report</p><p><b>Description</b> The server encountered an unexpected condition that prevented it from fulfilling the request.</p><p><b>Exception</b></p><pre>java.lang.NullPointerException
org.flowable.ldap.LDAPConnectionUtil.closeDirectoryContext(LDAPConnectionUtil.java:64)
org.flowable.ldap.LDAPTemplate.execute(LDAPTemplate.java:43)
org.flowable.ldap.LDAPIdentityServiceImpl.executeCheckPassword(LDAPIdentityServiceImpl.java:147)
org.flowable.ldap.LDAPIdentityServiceImpl.checkPassword(LDAPIdentityServiceImpl.java:64)
org.flowable.app.security.CustomLdapAuthenticationProvider.authenticate(CustomLdapAuthenticationProvider.java:47)
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:167)
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:192)
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:93)
org.flowable.app.web.CustomUsernamePasswordAuthenticationFilter.attemptAuthentication(CustomUsernamePasswordAuthenticationFilter.java:39)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:120)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:64)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:91)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:53)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:213)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:176)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:262)
</pre><p><b>Note</b> The full stack trace of the root cause is available in the server logs.</p><hr class="line" /><h3>Apache Tomcat/8.5.13</h3></body></html>
Thank you in advance!
Best regards,
Zholaman
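Added example, not part of the original post and not Flowable code: a small triage script that walks the `Caused by:` chain of a Java stack trace like the one above, classifies the innermost exception by the layer it points to, and lists every `host:port` the chain mentions. The layer table, the function names and the shortened sample trace are this example's own assumptions.

```python
import re

# Constructed sample: the exception header lines from the trace in the post,
# with one stack frame kept under each and the rest omitted.
SAMPLE_TRACE = """\
org.flowable.engine.common.api.FlowableException: Could not create InitialDirContext for LDAP connection : 192.160.0.1:389
    at org.flowable.ldap.LDAPConnectionUtil.createDirectoryContext(LDAPConnectionUtil.java:57)
Caused by: javax.naming.CommunicationException: 192.168.0.1:389 [Root exception is java.net.ConnectException: Connection timed out (Connection timed out)]
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:226)
Caused by: java.net.ConnectException: Connection timed out (Connection timed out)
    at java.net.PlainSocketImpl.socketConnect(Native Method)
"""

# This example's own triage table: root-cause class -> layer to investigate.
LAYERS = {
    "java.net.ConnectException": "network: TCP connect failed before any bind",
    "java.net.UnknownHostException": "dns: server host name does not resolve",
    "javax.naming.AuthenticationException": "credentials: server reached, bind rejected",
    "javax.naming.NameNotFoundException": "directory: bound, but a base DN was not found",
}

EXC_RE = re.compile(r"^(?:Caused by: )?([\w.$]+(?:Exception|Error))(?::\s*(.*))?$")
ENDPOINT_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def exception_chain(trace):
    """Return [(class, message)] for the top exception and each 'Caused by'."""
    chain = []
    for line in trace.splitlines():
        m = EXC_RE.match(line.strip())
        if m:
            chain.append((m.group(1), m.group(2) or ""))
    return chain


def triage(trace):
    """Classify the innermost cause and list every host:port the chain names."""
    chain = exception_chain(trace)
    if not chain:
        return {"root": None, "layer": "no exception found", "endpoints": []}
    root = chain[-1][0]
    endpoints = sorted({f"{ip}:{port}" for _, msg in chain
                        for ip, port in ENDPOINT_RE.findall(msg)})
    return {"root": root, "layer": LAYERS.get(root, "unclassified"),
            "endpoints": endpoints}


if __name__ == "__main__":
    print(triage(SAMPLE_TRACE))
```

On the sample it reports `java.net.ConnectException` at the network layer, meaning the connection attempt timed out before `ldap.user` and `ldap.password` were ever presented to the server, and it lists two different addresses (192.160.0.1:389 and 192.168.0.1:389), so `ldap.server` is worth comparing against the directory server's actual address.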