-
Type:
Bug
-
Status: Open
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:
-
Severity:Medium
When we authenticate with API key with an LDAP user we call the method refreshUserFromLdap
We perform a query to LDAP to search for the username and get it's groups.
The issue happens if the LDAP queries within findSettingsForActiveUser succeed, but the LDAP queries within searchUserInLdap fails.
When that happens, dirContextOperations is returned as null, then null pointer exceptions are shown within createSimpleUser, so 500 error is returned as the exception is not caught, and request log was skipped as well because of uncought exception.
For example:
FE (Httpd):
[17/Mar/2020:13:24:40 +0100] redacted "GET /artifactory/some-repo/path-to-package/some-file.tgz HTTP/1.1" 65 500 2151467 redacted
BE request.log:
No log is displayed for that particular request.
BE artifactory.log:
artifactory.2020-03-17.5.log.zip:2020-03-17 13:24:42,460 [http-nio-8081-exec-2549] [WARN ] (o.a.s.l.LdapServiceImpl:179) - Unexpected exception in LDAP query:for user redacted vid LDAP: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: LDAP response read timed out, timeout used:2000ms.
Please note that another possible impacted method is the getStringAttribute and populateGroups org/artifactory/security/ldap/LdapUtils.java:221 when going through the createSimpleUser.
- is related to
-
- Done
