У меня внезапно возникает проблема с моей рабочей версией, когда я пытаюсь получить к ней доступ, она говорит Неверное имя пользователя и пароль.
Вот ошибки из service.log
2019-10-18 17:06:58.447:INFO:cdrjj.JettyCachingLdapLoginModule:qtp683347804-24: Login attempts: 1, Hits: 0, Ratio: 0%.
2019-10-18 17:06:58.468:INFO:cdrjj.JettyCachingLdapLoginModule:qtp683347804-24: Attempting authentication: CN=Lastname, Firstname,OU=Intern,OU=USERS,OU=City,OU=Country,DC=company,DC=lan
Oct 18, 2019 5:06:58 PM org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule debug
INFO: AbstractSharedLoginModule: login with sharedLoginState auth, try? false, use? true
Oct 18, 2019 5:06:58 PM org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule debug
INFO: JettyRolePropertyFileLoginModule: userInfo found for first.last? true
Oct 18, 2019 5:06:58 PM org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule debug
INFO: AbstractSharedLoginModule: using login result: true
Oct 18, 2019 5:06:58 PM org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule debug
INFO: role names: [first.last, ADMINGRP]
2019-10-18 17:06:58.553:WARN:oejj.JAASLoginService:qtp683347804-24:
javax.security.auth.login.LoginException: java.lang.NullPointerException: invalid null input(s)|?at java.util.Objects.requireNonNull(Objects.java:239)|?at javax.security.auth.Subject$SecureSet.add(Subject.java:1321)|?at java.util.Collections$SynchronizedCollection.add(Collections.java:2048)|?at org.eclipse.jetty.jaas.spi.AbstractLoginModule$JAASUserInfo.setJAASInfo(AbstractLoginModule.java:95)|?at org.eclipse.jetty.jaas.spi.AbstractLoginModule.commit(AbstractLoginModule.java:189)|?at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.commit(JettyCachingLdapLoginModule.java:895)|?at com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule.commit(JettyCombinedLdapLoginModule.java:182)|?at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)|?at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)|?at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)|?at java.lang.reflect.Method.invoke(Method.java:508)|?at javax.security.auth.login.LoginContext.invoke(LoginContext.java:788)|?at javax.security.auth.login.LoginContext.access$000(LoginContext.java:196)|?at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)|?at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)|?at java.security.AccessController.doPrivileged(AccessController.java:734)|?at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:696)|?at javax.security.auth.login.LoginContext.login(LoginContext.java:598)|?at org.eclipse.jetty.jaas.JAASLoginService.login(JAASLoginService.java:241)|?at org.eclipse.jetty.security.authentication.LoginAuthenticator.login(LoginAuthenticator.java:52)|?at org.eclipse.jetty.security.authentication.FormAuthenticator.login(FormAuthenticator.java:192)|?at org.eclipse.jetty.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:229)|?at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:499)|?at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:213)|?at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1097)|?at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:448)|?at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:175)|?at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1031)|?at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:136)|?at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)|?at org.eclipse.jetty.server.Server.handle(Server.java:446)|?at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:271)|?at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:246)|?at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:358)|?at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:601)|?at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:532)|?at java.lang.Thread.run(Thread.java:818)|
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:890)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:196)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(AccessController.java:734)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:696)
at javax.security.auth.login.LoginContext.login(LoginContext.java:598)
at org.eclipse.jetty.jaas.JAASLoginService.login(JAASLoginService.java:241)
at org.eclipse.jetty.security.authentication.LoginAuthenticator.login(LoginAuthenticator.java:52)
at org.eclipse.jetty.security.authentication.FormAuthenticator.login(FormAuthenticator.java:192)
at org.eclipse.jetty.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:229)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:499)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:213)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1097)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:448)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:175)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1031)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:136)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
at org.eclipse.jetty.server.Server.handle(Server.java:446)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:271)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:246)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.run(AbstractConnection.java:358)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:601)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:532)
at java.lang.Thread.run(Thread.java:818)
Вот мой файл профиля:
RDECK_INSTALL="${RDECK_INSTALL:-/var/lib/rundeck}"
RDECK_BASE="${RDECK_BASE:-/var/lib/rundeck}"
RDECK_CONFIG="${RDECK_CONFIG:-/etc/rundeck}"
RDECK_SERVER_BASE="${RDECK_SERVER_BASE:-$RDECK_BASE}"
RDECK_SERVER_CONFIG="${RDECK_SERVER_CONFIG:-$RDECK_CONFIG}"
RDECK_SERVER_DATA="${RDECK_SERVER_DATA:-$RDECK_BASE/data}"
RDECK_PROJECTS="${RDECK_PROJECTS:-$RDECK_BASE/projects}"
RUNDECK_TEMPDIR="${RUNDECK_TEMPDIR:-/tmp/rundeck}"
RUNDECK_WORKDIR="${RUNDECK_TEMPDIR:-$RDECK_BASE/work}"
RUNDECK_LOGDIR="${RUNDECK_LOGDIR:-$RDECK_BASE/logs}"
RDECK_JVM_SETTINGS="${RDECK_JVM_SETTINGS:- -Xmx1024m -Xms256m -XX:MaxPermSize=256m -server}"
RDECK_TRUSTSTORE_FILE="${RDECK_TRUSTSTORE_FILE:-$RDECK_CONFIG/ssl/truststore}"
RDECK_TRUSTSTORE_TYPE="${RDECK_TRUSTSTORE_TYPE:-jks}"
JAAS_CONF="${JAAS_CONF:-$RDECK_CONFIG/jaas-loginmodule.conf}"
LOGIN_MODULE="${LOGIN_MODULE:-RDpropertyfilelogin}"
RDECK_HTTP_PORT=${RDECK_HTTP_PORT:-4440}
RDECK_HTTPS_PORT=${RDECK_HTTPS_PORT:-4443}
if [ -z "$JAVA_CMD" ] && [ -n "$JAVA_HOME" ] && [ -x "$JAVA_HOME/bin/java" ] ; then
JAVA_CMD=$JAVA_HOME/bin/java
PATH=$PATH:$JAVA_HOME/bin
export JAVA_HOME
elif [ -z "$JAVA_CMD" ] ; then
JAVA_CMD=java
fi
for jar in $(find $RDECK_INSTALL/cli -name '.jar') ; do
CLI_CP=${CLI_CP:+$CLI_CP:}$jar
done
for jar in $(find $RDECK_INSTALL/bootstrap -name '.jar') ; do
BOOTSTRAP_CP=${BOOTSTRAP_CP:+$BOOTSTRAP_CP:}$jar
done
RDECK_JVM="-Djava.security.auth.login.config=/etc/rundeck/jaas-activedirectory.conf
-Dloginmodule.name=multiauth
-Drdeck.config=$RDECK_CONFIG
-Drundeck.server.configDir=$RDECK_SERVER_CONFIG
-Dserver.datastore.path=$RDECK_SERVER_DATA/rundeck
-Drundeck.server.serverDir=$RDECK_INSTALL
-Drdeck.projects=$RDECK_PROJECTS
-Drdeck.runlogs=$RUNDECK_LOGDIR
-Drundeck.config.location=$RDECK_CONFIG/rundeck-config.properties
-Djava.io.tmpdir=$RUNDECK_TEMPDIR
-Drundeck.server.workDir=$RUNDECK_WORKDIR
-Dserver.http.port=$RDECK_HTTP_PORT"
if [ -n "$RUNDECK_WITH_SSL" ] ; then
RDECK_JVM="$RDECK_JVM -Drundeck.ssl.config=$RDECK_SERVER_CONFIG/ssl/ssl.properties -Dserver.https.port=${RDECK_HTTPS_PORT}"
RDECK_SSL_OPTS="${RDECK_SSL_OPTS:- -Djavax.net.ssl.trustStore=$RDECK_TRUSTSTORE_FILE -Djavax.net.ssl.trustStoreType=$RDECK_TRUSTSTORE_TYPE -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol}"
fi
unset JRE_HOME
umask 002
rundeckd="$JAVA_CMD $RDECK_JVM $RDECK_JVM_OPTS -cp $BOOTSTRAP_CP com.dtolabs.rundeck.RunServer $RDECK_BASE"
Вот мой jaas-activedirectory.conf:
multiauth {
com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule required
debug="true"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
providerUrl="ldap://ldaphostname.example.lan:3268"
bindDn="ebi_ad_d@example.lan"
bindPassword="maskpassword"
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="DC=example,DC=lan"
userRdnAttribute="sAMAccountName"
userIdAttribute="sAMAccountName"
userPasswordAttribute="unicodePwd"
userObjectClass="user"
roleBaseDn="OU=Rundeck,OU=GROUPS APPLICATION,OU=CITY,OU=COUNTRY,DC=example,DC=lan"
roleNameAttribute="sAMAccountName"
roleMemberAttribute="member"
roleObjectClass="group"
cacheDurationMillis="300000"
supplementalRoles="user"
reportStatistics="true"
timeoutRead="10000"
timeoutConnect="20000"
nestedGroups="true"
ignoreRoles="true"
storePass="true";
org.eclipse.jetty.jaas.spi.PropertyFileLoginModule sufficient
debug="true"
storePass="true"
file="/etc/rundeck/realm.properties";
org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule required
debug="true"
useFirstPass="true"
file="/etc/rundeck/realm.properties"
refreshInterval="60"
caseInsensitive="true";
};
Подробно My Rundeck Версия Rundeck: 2.10
Тип установки: rpm
Имя / версия ОС: RHE выпуск 6
Тип / версия БД:h2