Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-18112

ldap auth node does not tell real connection error

    XMLWordPrintable

    Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 7.1.0
    • None
    • Azul OpenJDK "11.0.7" 2020-04-14 LTS
      Apache Tomcat/9.0.46
      FR DS 7.1.0
      FR AM 7.1.0
    • Rank:
      1|i059ke:

      Description

      Bug description

      Misleading error message when LDAP auth node is connecting to an TLS-enabled server.

      How to reproduce the issue

      1. Configure FR DS with AM profiles
      2. Configure AM
      3. Configure AuthTree with page node for username/password and LDAP decision node
      4. Intentionally do not specify 'LDAPS' but 'LDAP' as connection mode
      5. perform tree-based authentication
      Expected behaviour
      ldap auth node should tell that there is TLS connection issue.
      
      Current behaviour
      ldap auth node reports 'server down, but this not true.
      
      excerpt of AM 7.1.0 authentiation debug log
      o.f.o.a.n.LdapDecisionNode: 2021-07-19 17:06:15,732: Thread[http-nio-8080-exec-9]: TransactionId[b8bde41c-7e62-49fc-ae63-010e118965e6-1549]
      DEBUG: loginState serverDown
      o.f.o.a.n.LdapDecisionNode: 2021-07-19 17:06:15,732: Thread[http-nio-8080-exec-9]: TransactionId[b8bde41c-7e62-49fc-ae63-010e118965e6-1549]
      WARN: Unknown login state
      o.f.o.c.r.a.t.AuthTrees: 2021-07-19 17:06:15,732: Thread[http-nio-8080-exec-9]: TransactionId[b8bde41c-7e62-49fc-ae63-010e118965e6-1549]
      ERROR: Exception in processing the tree
      org.forgerock.openam.auth.node.api.NodeProcessException: Encountered an unknown state 'serverDown' during authentication.
      

        Attachments

          Activity

            People

            Unassigned Unassigned
            bthalmayr Bernhard Thalmayr
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated: