We're Hiring!

sometimes login issue using ldap users

Having a problem deploying OMERO? Please ask new questions at https://forum.image.sc/tags/omero
Please note:
Historical discussions about OMERO. Please look for and ask new questions at https://forum.image.sc/tags/omero

The OMERO.server installation documentation begins here and you can find OMERO.web deployment documentation here.

Re: sometimes login issue using ldap users

Postby saleht » Thu Jun 22, 2017 6:37 pm

Dear Mark,
I think the issue have nothing to do with the network, because a simple reason after restarting omero service everything will work fine and after a while issue appears again.

Regards
Saleh
saleht
 
Posts: 96
Joined: Wed Nov 16, 2016 1:06 pm

Re: sometimes login issue using ldap users

Postby mtbc » Fri Jun 23, 2017 9:09 am

Dear Saleh,

We still have the simple fact that the OMERO server repeatedly sends requests and gets no response. Further, no other sites have reported this issue but OMERO LDAP usage is commonplace. There have in the past been buggy LDAP servers that had trouble with reusing established connections. Additionally there are various ways in which a stateful firewall in between could be improperly handling its connection table that would cause established inactive connections to drop. Basically: institutional IT problems are consistent with that restarting the OMERO server briefly solves the problem. For the failed requests it would thus be great to know what was logged on the LDAP server and even by firewalls along the way.

Despite the above, from the OMERO side there may yet be workarounds. Did the,
Code: Select all
-Dcom.sun.jndi.ldap.read.timeout=5000

I mentioned make any difference? You may wish to try disabling connection pooling altogether: JVM options that may help include,
Code: Select all
-Dcom.sun.jndi.ldap.connect.pool=false
-Dcom.sun.jndi.ldap.connect.pool.debug=all
-Dcom.sun.jndi.ldap.connect.pool.maxsize=1

so you may wish to experiment with some subset of those to see if any of them have a useful effect.

Note that for easy experimentation such options can be set from the command line, for instance,
Code: Select all
$ bin/omero config set -- omero.jvmcfg.append -Dcom.sun.jndi.ldap.connect.pool=false


Good luck! Cheers,
Mark
User avatar
mtbc
Team Member
 
Posts: 282
Joined: Tue Oct 23, 2012 10:59 am
Location: Dundee, Scotland

Re: sometimes login issue using ldap users

Postby saleht » Wed Jun 28, 2017 8:41 am

Hi Mark,

pls take a look to the results of my command ( bin/omero config get --hide-password)
Code: Select all
omero.data.dir=/data/OMERO
omero.db.name=omero_database
omero.db.pass=********
omero.db.user=db_user
omero.jvmcfg.append=-Dcom.sun.jndi.ldap.connect.pool=false
omero.jvmcfg.remove=-Dcom.sun.jndi.ldap.read.timeout=5000
omero.ldap.base=dc=ad,dc=hhu,dc=de
omero.ldap.config=true
omero.ldap.new_user_group=default
omero.ldap.password=********
omero.ldap.referral=ignore
omero.ldap.urls=ldap://ldaps.ad.hhu.de:3268
omero.ldap.user_mapping=omeName=sAMAccountName,firstName=givenName,lastName=sn,email=mail
omero.ldap.username=SVC_Omero
omero.security.ignore_case=true
omero.web.wsgi_timeout=60
omero.web.wsgi_workers=5


question now
is this right ? i mean:
omero.jvmcfg.append=-Dcom.sun.jndi.ldap.connect.pool=false


i believe that omero.jvmcfg.append should not be appear, by the way i did exactly what you wrote
saleht
 
Posts: 96
Joined: Wed Nov 16, 2016 1:06 pm

Re: sometimes login issue using ldap users

Postby mtbc » Wed Jun 28, 2017 8:53 am

Dear Saleh,

Code: Select all
omero.jvmcfg.append=-Dcom.sun.jndi.ldap.connect.pool=false
looks good to me in your output. Also if you use "ps" to look at the running processes then after restarting the server you should see that the option is indeed passed among the many, e.g.,
Code: Select all
ps awux | grep Blitz | grep ldap


Cheers,
Mark
User avatar
mtbc
Team Member
 
Posts: 282
Joined: Tue Oct 23, 2012 10:59 am
Location: Dundee, Scotland

Re: sometimes login issue using ldap users

Postby saleht » Wed Jun 28, 2017 9:22 am

Dear Mark,

after doing
Code: Select all
-Dcom.sun.jndi.ldap.connect.pool=false
-Dcom.sun.jndi.ldap.connect.pool.debug=all
-Dcom.sun.jndi.ldap.connect.pool.maxsize=1


i am not able to login using ldap users anymore :( at all

if i did filtering on wirshark on ldap port, there is no any active transports occur, which was before not the case

jstack giving

Code: Select all
Full thread dump OpenJDK 64-Bit Server VM (25.131-b12 mixed mode):

"Attach Listener" #25 daemon prio=9 os_prio=0 tid=0x00007f7990003800 nid=0xd9b waiting on condition [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

"pool-2-thread-5" #24 prio=5 os_prio=0 tid=0x00007f7970009800 nid=0xb6d waiting on condition [0x00007f796dbd9000]
   java.lang.Thread.State: WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000bdfe6c40> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2039)
   at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:442)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"pool-2-thread-4" #23 prio=5 os_prio=0 tid=0x00007f7970008000 nid=0xb6b waiting on condition [0x00007f796dcda000]
   java.lang.Thread.State: WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000bdfe6c40> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2039)
   at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:442)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"pool-2-thread-3" #22 prio=5 os_prio=0 tid=0x00007f7970005800 nid=0xb69 waiting on condition [0x00007f796dddb000]
   java.lang.Thread.State: WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000bdfe6c40> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2039)
   at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:442)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"PixelData-0-Ice.Timer" #21 prio=5 os_prio=0 tid=0x00007f79c5274000 nid=0xb65 waiting on condition [0x00007f796e0dc000]
   java.lang.Thread.State: WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000f1f08b20> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2039)
   at java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1081)
   at java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"PixelData-0-Ice.ThreadPool.Server-0" #20 prio=5 os_prio=0 tid=0x00007f79c5254000 nid=0xb64 runnable [0x00007f796e1dd000]
   java.lang.Thread.State: RUNNABLE
   at sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)
   at sun.nio.ch.EPollArrayWrapper.poll(EPollArrayWrapper.java:269)
   at sun.nio.ch.EPollSelectorImpl.doSelect(EPollSelectorImpl.java:93)
   at sun.nio.ch.SelectorImpl.lockAndDoSelect(SelectorImpl.java:86)
   - locked <0x00000000f204e7d0> (a sun.nio.ch.Util$3)
   - locked <0x00000000f204e7c0> (a java.util.Collections$UnmodifiableSet)
   - locked <0x00000000f204e6a8> (a sun.nio.ch.EPollSelectorImpl)
   at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:97)
   at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:101)
   at IceInternal.Selector.select(Selector.java:201)
   at IceInternal.ThreadPool.run(ThreadPool.java:414)
   at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
   at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
   at java.lang.Thread.run(Thread.java:748)

"pool-2-thread-2" #19 prio=5 os_prio=0 tid=0x00007f7970004800 nid=0xb63 waiting on condition [0x00007f796e2de000]
   java.lang.Thread.State: WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000bdfe6c40> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2039)
   at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:442)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"PixelData-0-Ice.ThreadPool.Client-0" #18 prio=5 os_prio=0 tid=0x00007f79c5235800 nid=0xb62 runnable [0x00007f796e3df000]
   java.lang.Thread.State: RUNNABLE
   at sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)
   at sun.nio.ch.EPollArrayWrapper.poll(EPollArrayWrapper.java:269)
   at sun.nio.ch.EPollSelectorImpl.doSelect(EPollSelectorImpl.java:93)
   at sun.nio.ch.SelectorImpl.lockAndDoSelect(SelectorImpl.java:86)
   - locked <0x00000000f1f092a0> (a sun.nio.ch.Util$3)
   - locked <0x00000000f1f09290> (a java.util.Collections$UnmodifiableSet)
   - locked <0x00000000f1f09178> (a sun.nio.ch.EPollSelectorImpl)
   at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:97)
   at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:101)
   at IceInternal.Selector.select(Selector.java:201)
   at IceInternal.ThreadPool.run(ThreadPool.java:414)
   at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
   at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
   at java.lang.Thread.run(Thread.java:748)

"pool-2-thread-1" #17 prio=5 os_prio=0 tid=0x00007f7970001800 nid=0xb61 waiting on condition [0x00007f796e4e0000]
   java.lang.Thread.State: WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000bdfe6c40> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.park(LockSupport.java:175)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.await(AbstractQueuedSynchronizer.java:2039)
   at java.util.concurrent.LinkedBlockingQueue.take(LinkedBlockingQueue.java:442)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"OMERO.scheduler_QuartzSchedulerThread" #16 prio=5 os_prio=0 tid=0x00007f79c4ddc000 nid=0xb5f waiting on condition [0x00007f796e7e1000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
   at java.lang.Thread.sleep(Native Method)
   at org.quartz.core.QuartzSchedulerThread.run(QuartzSchedulerThread.java:272)

"metrics-logger-reporter-thread-1" #14 daemon prio=5 os_prio=0 tid=0x00007f79c508b000 nid=0xb39 waiting on condition [0x00007f796f1bc000]
   java.lang.Thread.State: TIMED_WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000bdfddff8> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
   at java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:1093)
   at java.util.concurrent.ScheduledThreadPoolExecutor$DelayedWorkQueue.take(ScheduledThreadPoolExecutor.java:809)
   at java.util.concurrent.ThreadPoolExecutor.getTask(ThreadPoolExecutor.java:1067)
   at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1127)
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
   at java.lang.Thread.run(Thread.java:748)

"Ice.ThreadPool.Client-0" #13 prio=5 os_prio=0 tid=0x00007f79c4c55800 nid=0xb2e runnable [0x00007f799457f000]
   java.lang.Thread.State: RUNNABLE
   at sun.nio.ch.EPollArrayWrapper.epollWait(Native Method)
   at sun.nio.ch.EPollArrayWrapper.poll(EPollArrayWrapper.java:269)
   at sun.nio.ch.EPollSelectorImpl.doSelect(EPollSelectorImpl.java:93)
   at sun.nio.ch.SelectorImpl.lockAndDoSelect(SelectorImpl.java:86)
   - locked <0x00000000b333fe38> (a sun.nio.ch.Util$3)
   - locked <0x00000000b333fe28> (a java.util.Collections$UnmodifiableSet)
   - locked <0x00000000b333fd00> (a sun.nio.ch.EPollSelectorImpl)
   at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:97)
   at sun.nio.ch.SelectorImpl.select(SelectorImpl.java:101)
   at IceInternal.Selector.select(Selector.java:201)
   at IceInternal.ThreadPool.run(ThreadPool.java:414)
   at IceInternal.ThreadPool.access$300(ThreadPool.java:12)
   at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:832)
   at java.lang.Thread.run(Thread.java:748)

"net.sf.ehcache.CacheManager@3a5ecce3" #12 daemon prio=5 os_prio=0 tid=0x00007f79c431d000 nid=0xb2b in Object.wait() [0x00007f7994680000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
   at java.lang.Object.wait(Native Method)
   - waiting on <0x00000000b3343408> (a java.util.TaskQueue)
   at java.util.TimerThread.mainLoop(Timer.java:552)
   - locked <0x00000000b3343408> (a java.util.TaskQueue)
   at java.util.TimerThread.run(Timer.java:505)

"PostgreSQL-JDBC-SharedTimer-1" #11 daemon prio=5 os_prio=0 tid=0x00007f79c4b90000 nid=0xb26 in Object.wait() [0x00007f7994981000]
   java.lang.Thread.State: WAITING (on object monitor)
   at java.lang.Object.wait(Native Method)
   - waiting on <0x00000000b3344998> (a java.util.TaskQueue)
   at java.lang.Object.wait(Object.java:502)
   at java.util.TimerThread.mainLoop(Timer.java:526)
   - locked <0x00000000b3344998> (a java.util.TaskQueue)
   at java.util.TimerThread.run(Timer.java:505)

"bitronix-task-scheduler" #10 daemon prio=5 os_prio=0 tid=0x00007f79c4b47000 nid=0xb24 waiting on condition [0x00007f7994a82000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
   at java.lang.Thread.sleep(Native Method)
   at bitronix.tm.timer.TaskScheduler.run(TaskScheduler.java:245)

"perf4j-async-stats-appender-sink-CoalescingStatistics" #9 daemon prio=5 os_prio=0 tid=0x00007f79c487f800 nid=0xad4 waiting on condition [0x00007f79b015b000]
   java.lang.Thread.State: TIMED_WAITING (parking)
   at sun.misc.Unsafe.park(Native Method)
   - parking to wait for  <0x00000000b333d790> (a java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject)
   at java.util.concurrent.locks.LockSupport.parkNanos(LockSupport.java:215)
   at java.util.concurrent.locks.AbstractQueuedSynchronizer$ConditionObject.awaitNanos(AbstractQueuedSynchronizer.java:2078)
   at java.util.concurrent.ArrayBlockingQueue.poll(ArrayBlockingQueue.java:418)
   at org.perf4j.helpers.GenericAsyncCoalescingStatisticsAppender$StopWatchesFromQueueIterator.getNext(GenericAsyncCoalescingStatisticsAppender.java:388)
   at org.perf4j.helpers.GenericAsyncCoalescingStatisticsAppender$StopWatchesFromQueueIterator.hasNext(GenericAsyncCoalescingStatisticsAppender.java:349)
   at org.perf4j.helpers.GroupingStatisticsIterator.getNext(GroupingStatisticsIterator.java:149)
   at org.perf4j.helpers.GroupingStatisticsIterator.hasNext(GroupingStatisticsIterator.java:102)
   at org.perf4j.helpers.GenericAsyncCoalescingStatisticsAppender$Dispatcher.run(GenericAsyncCoalescingStatisticsAppender.java:314)
   at java.lang.Thread.run(Thread.java:748)

"Service Thread" #7 daemon prio=9 os_prio=0 tid=0x00007f79c4154800 nid=0xab0 runnable [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

"C1 CompilerThread1" #6 daemon prio=9 os_prio=0 tid=0x00007f79c4150000 nid=0xaae waiting on condition [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

"C2 CompilerThread0" #5 daemon prio=9 os_prio=0 tid=0x00007f79c4142800 nid=0xaac waiting on condition [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

"Signal Dispatcher" #4 daemon prio=9 os_prio=0 tid=0x00007f79c4140000 nid=0xaab runnable [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

"Finalizer" #3 daemon prio=8 os_prio=0 tid=0x00007f79c4116000 nid=0xaa5 in Object.wait() [0x00007f79b1a87000]
   java.lang.Thread.State: WAITING (on object monitor)
   at java.lang.Object.wait(Native Method)
   - waiting on <0x00000000b3659cd0> (a java.lang.ref.ReferenceQueue$Lock)
   at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
   - locked <0x00000000b3659cd0> (a java.lang.ref.ReferenceQueue$Lock)
   at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:164)
   at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:209)

"Reference Handler" #2 daemon prio=10 os_prio=0 tid=0x00007f79c4111800 nid=0xaa1 in Object.wait() [0x00007f79b1b88000]
   java.lang.Thread.State: WAITING (on object monitor)
   at java.lang.Object.wait(Native Method)
   - waiting on <0x00000000b3659d68> (a java.lang.ref.Reference$Lock)
   at java.lang.Object.wait(Object.java:502)
   at java.lang.ref.Reference.tryHandlePending(Reference.java:191)
   - locked <0x00000000b3659d68> (a java.lang.ref.Reference$Lock)
   at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:153)

"main" #1 prio=5 os_prio=0 tid=0x00007f79c4009000 nid=0xa94 in Object.wait() [0x00007f79cc274000]
   java.lang.Thread.State: WAITING (on object monitor)
   at java.lang.Object.wait(Native Method)
   - waiting on <0x00000000f19c4800> (a IceInternal.ObjectAdapterFactory)
   at java.lang.Object.wait(Object.java:502)
   at IceInternal.ObjectAdapterFactory.waitForShutdown(ObjectAdapterFactory.java:63)
   - locked <0x00000000f19c4800> (a IceInternal.ObjectAdapterFactory)
   at Ice.CommunicatorI.waitForShutdown(CommunicatorI.java:32)
   at ome.services.blitz.Entry.start(Entry.java:202)
   at ome.services.blitz.Entry.main(Entry.java:146)

"VM Thread" os_prio=0 tid=0x00007f79c4108000 nid=0xa9e runnable

"GC task thread#0 (ParallelGC)" os_prio=0 tid=0x00007f79c401e800 nid=0xa98 runnable

"GC task thread#1 (ParallelGC)" os_prio=0 tid=0x00007f79c4020000 nid=0xa9b runnable

"VM Periodic Task Thread" os_prio=0 tid=0x00007f79c4157000 nid=0xab1 waiting on condition

JNI global references: 299



i am getting like always in web Browser 504 Gateway Time-out
Bliz log file like has No error or wrings

i think now with this three line configuration, we can reproduce my original issue it forever

cheers
Saleh
saleht
 
Posts: 96
Joined: Wed Nov 16, 2016 1:06 pm

Re: sometimes login issue using ldap users

Postby mtbc » Wed Jun 28, 2017 9:53 am

Dear Saleh,

If we remove just one of those configuration options do we get back to a state where you can sometimes log in? Maybe only one of them is blocking logins entirely. Perhaps the other, or the read timeout setting I have mentioned separately, is somehow a useful workaround: you may have to try out various combinations.

Once you are somehow back to a state where logins do sometimes work, but the com.sun.jndi.ldap.connect.pool.debug option is still set, could you then upload your zipped Blitz log again mentioning at which time a failed login was? Maybe there'll be some new information there coming from that debug option.

However, judging from the wireshark output, I do fear that we are still at the stage of your asking HHU's IT people why the OMERO server's repeated LDAP requests are sometimes not met with any response.

Cheers,
Mark
User avatar
mtbc
Team Member
 
Posts: 282
Joined: Tue Oct 23, 2012 10:59 am
Location: Dundee, Scotland

Re: sometimes login issue using ldap users

Postby saleht » Wed Jun 28, 2017 12:20 pm

Dear Mark,

actually i just put the ldap.connect.pool true and then again false, and login works again, but the issue (that sometimes ldap user can not log in, sometime still reproducible :( ). i will cry from this issue
i uploaded my log file, timestamps is 14:08, but what is interesting is this issue sometime stay like half an hour or 20 min, ldap users can't login, it is not just 5 min, but if i restated the service it will work directly

cheers
Saleh
saleht
 
Posts: 96
Joined: Wed Nov 16, 2016 1:06 pm

Re: sometimes login issue using ldap users

Postby mtbc » Thu Jun 29, 2017 11:48 am

Dear Saleh,

Thank you for the log, I'm afraid it showed nothing new.

One thing it occurred to me to wonder: Do the LDAP logins from OMERO stop working a certain amount of time after either the server started or the last successful login? E.g., if an LDAP user logs in successfully, another can soon after, but if there's a long time without logins then the next one can't? That might be something to look out for in your testing.

Cheers,
Mark
User avatar
mtbc
Team Member
 
Posts: 282
Joined: Tue Oct 23, 2012 10:59 am
Location: Dundee, Scotland

Re: sometimes login issue using ldap users

Postby mtbc » Thu Jun 29, 2017 12:08 pm

Dear Saleh,

I am sorry: I was puzzling over the lack of extra information in the log. If I experiment here then with the -Dcom.sun.jndi.ldap.connect.pool.debug=all setting the extra debug output actually spills out into var/log/master.err, not Blitz-0.log! I do not know if some tweak to etc/logback.xml could fix that.

It's a bit tricky given the lack of times in that file but, by watching what new entries appear in it, do you think you could capture exactly the output that appears for both successful and failed logins separately? Perhaps there is an extra clue there. Though my guess is that if an OMERO-side workaround is possible then it probably depends on configuration options we've already mentioned.

Cheers,
Mark
User avatar
mtbc
Team Member
 
Posts: 282
Joined: Tue Oct 23, 2012 10:59 am
Location: Dundee, Scotland

Re: sometimes login issue using ldap users

Postby saleht » Mon Jul 03, 2017 8:50 am

Dear Mark,

Code: Select all
bin/omero config set -- omero.jvmcfg.append -Dcom.sun.jndi.ldap.connect.pool.timeout=500


after doing this, i was able to solve the issue,
it was written here
https://www.ibm.com/support/knowledgece ... ppt170.htm
, thx for u and Josh for your support

see you at the next issue :D :mrgreen:

cheers
Saleh
saleht
 
Posts: 96
Joined: Wed Nov 16, 2016 1:06 pm

PreviousNext

Return to Installation and Deployment

Who is online

Users browsing this forum: No registered users and 1 guest