A customer is seeing this logging in 5.5.0:
We think msgID 1 is the BIND REQ.
There are two problems here.
First is that we should not be including the exception name in the error text, as that leaks implementation information.
More subtly, we should actually just ignore that abandon operation and not return an error. RFC 4511 4.11 Abandon Operation says:
Abandon, Bind, Unbind, and StartTLS operations cannot be abandoned.
Servers MUST discard Abandon requests for messageIDs they do not recognize, for operations that cannot be abandoned, and for operations that have already been abandoned.
Our LdapClientConnection.handleRequest() just rejects all operations if a bind is in progress.