603050 – Upgrade JON2.3 to JON 2.4Beta1 with postgres gets LDAP error in server log

Bug 603050 - Upgrade JON2.3 to JON 2.4Beta1 with postgres gets LDAP error in server log

Summary: Upgrade JON2.3 to JON 2.4Beta1 with postgres gets LDAP error in server log

Keywords:
Status:	CLOSED WORKSFORME
Alias:	None
Product:	RHQ Project
Classification:	Other
Component:	Core Server
Sub Component:
Version:	3.0.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	high
Target Milestone:	---
Target Release:	---
Assignee:	Simeon Pinder
QA Contact:	Corey Welton
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	rhq_triage jon24-ldap
TreeView+	depends on / blocked

Reported:	2010-06-11 12:41 UTC by Rajan Timaniya
Modified:	2010-07-23 23:19 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-07-23 23:19:48 UTC
Embargoed:

Attachments	(Terms of Use)
server log (91.92 KB, text/x-log) 2010-06-11 12:41 UTC, Rajan Timaniya	no flags	Details
View All

Description Rajan Timaniya 2010-06-11 12:41:09 UTC

Created attachment 423258 [details]
server log

Description of problem:
Upgrade JON2.3 to JON 2.4Beta1 with postgres gets LDAP error/exception in server log.
2010-06-11 17:12:17,316 INFO  [org.rhq.enterprise.server.core.CustomJaasDeploymentService] Disabling RHQ LDAP JAAS Provider: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 57, vece]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 57, vece]

Version-Release number of selected component (if applicable):
JON 2.4Beta1

How reproducible:
Always

Steps to Reproduce:
1) Install JON 2.3 with Postgres 8.4
2) Set 'LDAP Configuration Properties' and use LDAP Authentication
3) Upgrade JON 2.3 to JON 2.4Beta1 (same database)
4) Refer server log file.

Note: After upgrade the 'LDAP Configuration Properties' is 'AS IS' even after upgrade. But there is exception/error in server log.
  
Actual results:
Upgrade JON2.3 to JON 2.4Beta1 gets LDAP error in server log.

Expected results:
Upgrade JON2.3 to JON 2.4Beta1 should not give LDAP error/exception in server log.

Additional info:
2010-06-11 17:12:16,975 INFO  [org.rhq.enterprise.server.core.CustomJaasDeploymentService] Enabled the temporary session login module
2010-06-11 17:12:17,316 INFO  [org.rhq.enterprise.server.core.CustomJaasDeploymentService] Disabling RHQ LDAP JAAS Provider: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 57, vece]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 57, vece]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
        at javax.naming.InitialContext.init(InitialContext.java:223)
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
        at org.rhq.enterprise.server.core.CustomJaasDeploymentService.validateLdapOptions(CustomJaasDeploymentService.java:213)
        at org.rhq.enterprise.server.core.CustomJaasDeploymentService.registerJaasModules(CustomJaasDeploymentService.java:131)
        at org.rhq.enterprise.server.core.CustomJaasDeploymentService.installJaasModules(CustomJaasDeploymentService.java:69)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
        at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
        at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at javax.management.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:288)
        at $Proxy527.installJaasModules(Unknown Source)
        at org.rhq.enterprise.gui.startup.StartupServlet.installJaasModules(StartupServlet.java:254)
        at org.rhq.enterprise.gui.startup.StartupServlet.init(StartupServlet.java:126)
        at javax.servlet.GenericServlet.init(GenericServlet.java:212)
        at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1161)
        at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:981)
        at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4071)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4375)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:790)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:770)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:553)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:296)
        at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at org.apache.catalina.core.StandardContext.init(StandardContext.java:5312)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:296)
        at org.jboss.mx.server.RawDynamicInvoker.invoke(RawDynamicInvoker.java:164)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at org.jboss.web.tomcat.service.TomcatDeployer.performDeployInternal(TomcatDeployer.java:301)
        at org.jboss.web.tomcat.service.TomcatDeployer.performDeploy(TomcatDeployer.java:104)
        at org.jboss.web.AbstractWebDeployer.start(AbstractWebDeployer.java:375)
        at org.jboss.web.WebModule.startModule(WebModule.java:83)
        at org.jboss.web.WebModule.startService(WebModule.java:61)
        at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:289)
        at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:245)
        at sun.reflect.GeneratedMethodAccessor3.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
        at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
        at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at org.jboss.system.ServiceController$ServiceProxy.invoke(ServiceController.java:978)
        at $Proxy0.start(Unknown Source)
        at org.jboss.system.ServiceController.start(ServiceController.java:417)
        at sun.reflect.GeneratedMethodAccessor5.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
        at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
        at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
        at $Proxy41.start(Unknown Source)
        at org.jboss.web.AbstractWebContainer.start(AbstractWebContainer.java:466)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
        at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
        at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
        at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
        at org.jboss.mx.interceptor.DynamicInterceptor.invoke(DynamicInterceptor.java:97)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
        at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
        at $Proxy42.start(Unknown Source)
        at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1025)
        at org.jboss.deployment.MainDeployer.start(MainDeployer.java:1015)
        at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:819)
        at org.jboss.deployment.MainDeployer.deploy(MainDeployer.java:782)
        at sun.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
        at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
        at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
        at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
        at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
        at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
        at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
        at org.jboss.mx.util.MBeanProxyExt.invoke(MBeanProxyExt.java:210)
        at $Proxy9.deploy(Unknown Source)
        at org.jboss.deployment.scanner.URLDeploymentScanner.deploy(URLDeploymentScanner.java:421)
        at org.jboss.deployment.scanner.URLDeploymentScanner.scan(URLDeploymentScanner.java:634)
        at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.doScan(AbstractDeploymentScanner.java:263)
        at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.loop(AbstractDeploymentScanner.java:274)
        at org.jboss.deployment.scanner.AbstractDeploymentScanner$ScannerThread.run(AbstractDeploymentScanner.java:225)
2010-06-11 17:12:17,319 INFO  [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/]] initializer: Starting the server-agent communications services
2010-06-11 17:12:17,425 INFO  [org.rhq.enterprise.communications.ServiceContainer] {ServiceContainer.global-concurrency-limit-set}Global concurrency limit has been set - no more than [30] incoming commands will be accepted at the same time
2010-06-11 17:12:17,490 INFO  [org.rhq.enterprise.communications.ServiceContainer] {ServiceContainer.started}Service container started - ready to accept incoming commands

Comment 1 Simeon Pinder 2010-06-11 21:40:25 UTC

Reproduced this and it's weird. Need to check the property values before and right after an upgrade.  I think somehow we're resetting or emptying the password field.

Comment 2 Charles Crouch 2010-07-23 23:19:48 UTC

jshaughn could not reproduce

(5:07:05 PM) ccrouch: jshaughn: any update on 603050?
(5:07:32 PM) jshaughn: Did not replicate on 2.3.1 to 2.4 with Oracle
(5:08:11 PM) ccrouch: so the system config rows for ldap were completely unchanged?
(5:09:01 PM) jshaughn: correct
(5:09:16 PM) jshaughn: discussing with simeon other possibilities
(5:11:23 PM) ccrouch: i guess we could just try reproducing on PG with ldap configured and seeing if ldap continued to work in 2.4?
(5:12:29 PM) jshaughn: ccrouch:  I'm trying now from 2.2.0 to 2.4 with postgres
(5:21:20 PM) ccrouch: spinder: can you test just a regular upgrade, but with an actual ldap server configured, and make sure ldap users who can login to 2.3 can still seemlessly loginto 2.4, without any changes?
(5:26:43 PM) jshaughn: ccrouch: spinder, this is working as expected.  I'm not sure what evil force twisted both rajan and simeon's test but postgres 2.2.0 to 2.4 did not show any issue.  I can only imagine that somehow, maybe due to browser pwd caching or something, set bad creds before the upgrade.
(5:27:39 PM) jshaughn: spinder: and I saw FF prompt for some odd pwd saving for ldap fields. 
(5:28:19 PM) ccrouch: jshaughn: hmm that could be it, it will treat that field like a username/password box
(5:33:35 PM) jshaughn: ccrouch:  The error they saw is definitely seen if the ldap creds are wrong.  Ijust think they had to have been wrong for some other reason.  I think you can close the bz
(5:34:54 PM) spinder: jshaughn, ccrouch: excellent. Did not need and extra drama. 
(5:34:58 PM) ccrouch: jshaughn: sounds good, if they are even able to hit an ldap server then some of the config data must have stuck, otherwise the upgraded version would not have know where to try to talk
(5:36:11 PM) jshaughn: yes, certainly the ldap url was right. fact is, there is no way I can see that the system config table can get hit in any negative way during our upgrade steps.  I went back to 2.2 just to see if it made any diff

Note You need to log in before you can comment on or make changes to this bug.