You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "ighack (Jira)" <ji...@apache.org> on 2021/07/13 06:53:00 UTC
[jira] [Created] (ATLAS-4357) it can't get group with ldap
ighack created ATLAS-4357:
-----------------------------
Summary: it can't get group with ldap
Key: ATLAS-4357
URL: https://issues.apache.org/jira/browse/ATLAS-4357
Project: Atlas
Issue Type: Task
Components: atlas-core
Affects Versions: 2.1.0
Reporter: ighack
atlas.authentication.method.ldap.url=ldap://hoostdd:389
atlas.authentication.method.ldap.userDNpattern=uid=\{0},ou=people,dc=join,dc=com
atlas.authentication.method.ldap.groupSearchBase=ou=group,dc=join,dc=com
atlas.authentication.method.ldap.groupSearchFilter=(memberUid=uid=\{0},ou=peopel,dc=join,dc=com)
atlas.authentication.method.ldap.groupRoleAttribute=cn
atlas.authentication.method.ldap.base.dn=dc=join,dc=com
atlas.authentication.method.ldap.bind.dn=uid=ldapadmin,ou=people,dc=join,dc=com
atlas.authentication.method.ldap.bind.password= 000000
atlas.authentication.method.ldap.referral=ignore
atlas.authentication.method.ldap.user.searchfilter=(uid=\{0})
atlas.authentication.method.ldap.default.role=ROLE_USER
but I get error
2021-07-13 13:02:45,523 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=0) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,523 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=0) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,524 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=1) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,526 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=2) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,533 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=0) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,535 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=1) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,536 WARN - [pool-2-thread-4:] ~ Failed to get groups for user jztwk (retry=2) by javax.naming.OperationNotSupportedException: [LDAP: error code 53 - unauthenticated bind (DN with no password) disallowed] (LdapGroupsMapping:290)2021-07-13 13:02:45,538 ERROR - [pool-2-thread-4:] ~ Exception while fetching groups (AtlasAbstractAuthenticationProvider:137)java.io.IOException: No groups found for user jztwk at org.apache.hadoop.security.Groups.noGroupsForUser(Groups.java:200) at org.apache.hadoop.security.Groups.access$400(Groups.java:75) at org.apache.hadoop.security.Groups$GroupCacheLoader.load(Groups.java:334) at org.apache.hadoop.security.Groups$GroupCacheLoader.load(Groups.java:270) at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3527) at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2276) at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2154) at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2044) at com.google.common.cache.LocalCache.get(LocalCache.java:3951) at com.google.common.cache.LocalCache.getOrLoad(LocalCache.java:3973) at com.google.common.cache.LocalCache$LocalLoadingCache.get(LocalCache.java:4957) at org.apache.hadoop.security.Groups.getGroups(Groups.java:228) at org.apache.atlas.web.security.AtlasAbstractAuthenticationProvider.getAuthoritiesFromUGI(AtlasAbstractAuthenticationProvider.java:125) at org.apache.atlas.web.security.AtlasAbstractAuthenticationProvider.getAuthenticationWithGrantedAuthorityFromUGI(AtlasAbstractAuthenticationProvider.java:89) at org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.getLdapBindAuthentication(AtlasLdapAuthenticationProvider.java:129) at org.apache.atlas.web.security.AtlasLdapAuthenticationProvider.authenticate(AtlasLdapAuthenticationProvider.java:73) at org.apache.atlas.web.security.AtlasAuthenticationProvider.authenticate(AtlasAuthenticationProvider.java:114) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:174) at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199) at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.java:94) at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:66) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1691) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) at org.eclipse.jetty.server.Server.handle(Server.java:534) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:273) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748)
--
This message was sent by Atlassian Jira
(v8.3.4#803005)