Expand my Community achievements bar.

SOLVED

LDAP Module sometimes ignores the valid user credentials.

Avatar

Former Community Member

Hi,

We are using sling form authentication over ldap to authenticate users on the publisher instance directly. When we do load test at random some users fail to login and hence they have to again put their credentials and login. The ldap module at random is ignoring some user credentials. The user name and password were verified by looking the request in Charles.

In all the cases after the user put their credentials, we call

private AuthenticationInfo extractRequestParameterAuthentication(HttpServletRequest request)

and authInfo object is either created or fails to create randomly. In case the code successfully creates authInfo object it logs the user in by calling     

@Override
public boolean authenticationSucceeded(HttpServletRequest request, HttpServletResponse response, AuthenticationInfo authInfo)

while in some cases the authInfo object remains null and Sling Authenticator call the object 

public void authenticationFailed(HttpServletRequest request, HttpServletResponse response, AuthenticationInfo authInfo).

This is happening not very often but fails the load test script.

<!-- Login Fails-->
23.12.2014 16:55:40.875 *INFO* [192.168.147.20 [1419306940870] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler User is sZCgPhG0ZNPcTKdOWK 
23.12.2014 16:55:40.877 *INFO* [192.168.147.20 [1419306940870] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler Extract information of user sZCgPhG0ZNPcTKdOWK
23.12.2014 16:55:40.913 *INFO* [192.168.147.20 [1419306940870] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] com.day.crx.security.ldap.LDAPLoginModule verify of principal CN=sZCgPhG0ZNPcTKdOWK,DC=web,DC=dt failed -> marking as invalid
23.12.2014 16:55:40.913 *INFO* [192.168.147.20 [1419306940870] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler Authentication Failed for user sZCgPhG0ZNPcTKdOWK


<!-- Login Fails-->
23.12.2014 16:59:37.811 *INFO* [192.168.147.20 [1419307177763] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler User is sZCgPhG0ZNPcTKdOWK 
23.12.2014 16:59:37.813 *INFO* [192.168.147.20 [1419307177763] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler Extract information of user sZCgPhG0ZNPcTKdOWK
23.12.2014 16:59:37.815 *INFO* [192.168.147.20 [1419307177763] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] com.day.crx.security.ldap.LDAPLoginModule the last password logon for user sZCgPhG0ZNPcTKdOWK with the principal CN=sZCgPhG0ZNPcTKdOWK,DC=web,DC=dt failed -> trying to retrieve fresh principal
23.12.2014 16:59:37.826 *INFO* [192.168.147.20 [1419307177763] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] com.day.crx.security.ldap.LDAPLoginModule verify of principal CN=sZCgPhG0ZNPcTKdOWK,DC=web,DC=dt failed -> marking as invalid
23.12.2014 16:59:37.826 *INFO* [192.168.147.20 [1419307177763] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler Authentication Failed for user sZCgPhG0ZNPcTKdOWK
23.12.2014 16:59:37.826 *INFO* [192.168.147.20 [1419307177763] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] org.apache.sling.auth.core.impl.SlingAuthenticator handleLoginFailure: Unable to authenticate sZCgPhG0ZNPcTKdOWK: null


<!-- Valid User login -->
23.12.2014 17:00:38.092 *INFO* [192.168.147.20 [1419307238089] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler User is sZCgPhG0ZNPcTKdOWK 
23.12.2014 17:00:38.094 *INFO* [192.168.147.20 [1419307238089] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler Extract information of user sZCgPhG0ZNPcTKdOWK
23.12.2014 17:00:38.097 *INFO* [192.168.147.20 [1419307238089] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] com.day.crx.security.ldap.LDAPLoginModule the last password logon for user sZCgPhG0ZNPcTKdOWK with the principal CN=sZCgPhG0ZNPcTKdOWK,DC=web,DC=dt failed -> trying to retrieve fresh principal
23.12.2014 17:00:38.150 *INFO* [192.168.147.20 [1419307238089] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler Authentication succeeded for user sZCgPhG0ZNPcTKdOWK
23.12.2014 17:00:38.209 *INFO* [192.168.147.20 [1419307238089] POST /content/ABCD/lcxjvl/registration/screen-1/j_ABCD_security_check?j_validate=true HTTP/1.1] lcxjvl.core.services.user.login.ABCDAuthenticationHandler authCookie is kk=sdlfjlsdjflsdflj

Any help looking at the logs will be appreciated.

1 Accepted Solution

Avatar

Correct answer by
Level 10

Hi Kumarla123,

Can you enable debug for ldap for package com.day.crx.security.ldap and attach the logs when it fails.

Thanks,

Sham

View solution in original post

1 Reply

Avatar

Correct answer by
Level 10

Hi Kumarla123,

Can you enable debug for ldap for package com.day.crx.security.ldap and attach the logs when it fails.

Thanks,

Sham