<div dir="ltr">Thanks Edgar,<div><br></div><div>I had also found that resource (atlassian) - I am glad it is working by you... I will try the same and see what happens....</div><div><br></div><div>Best regards</div><div>Adrian</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Feb 29, 2016 at 3:17 PM, Edgar Vonk - Info.nl <span dir="ltr"><<a href="mailto:Edgar@info.nl" target="_blank">Edgar@info.nl</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Yes, we had the same issue. For us the solution was: <a href="http://lists.jboss.org/pipermail/keycloak-user/2016-February/004961.html" rel="noreferrer" target="_blank">http://lists.jboss.org/pipermail/keycloak-user/2016-February/004961.html</a><br>
<br>
cheers<br>
<br>
Edgar<br>
<div><div class="h5"><br>
<br>
> On 29 Feb 2016, at 10:58, Adrian Matei <<a href="mailto:adrianmatei@gmail.com">adrianmatei@gmail.com</a>> wrote:<br>
><br>
> Hi everyone,<br>
><br>
> From time to time we are experiencing the following error :<br>
> "LDAP Query Failed" (connection resets) for example by user registration, but by the second try it usually works....<br>
><br>
> Connection to AD takes place via ldaps and keycloak (1.7.0.Final) running on a JBoss EAP 6.4 with Java 8 installed.<br>
><br>
> The complete stacktrace from server.log:<br>
> 08:47:05,029 ERROR [org.keycloak.services.resources.ModelExceptionMapper] (http-/159.232.186.74:8443-7) LDAP Query failed: org.keycloak.models.ModelException: LDAP Query failed<br>
> at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getResultList(LDAPQuery.java:153) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getFirstResult(LDAPQuery.java:160) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.LDAPFederationProvider.loadLDAPUserByUsername(LDAPFederationProvider.java:440) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.LDAPFederationProvider.loadAndValidateUser(LDAPFederationProvider.java:230) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.LDAPFederationProvider.validateAndProxy(LDAPFederationProvider.java:89) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.models.UserFederationManager.validateAndProxyUser(UserFederationManager.java:130) [keycloak-model-api-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.models.UserFederationManager.getUserById(UserFederationManager.java:163) [keycloak-model-api-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.models.sessions.infinispan.compat.UserSessionAdapter.getUser(UserSessionAdapter.java:62) [keycloak-model-sessions-infinispan-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.services.resources.LoginActionsService.initEvent(LoginActionsService.java:732) [keycloak-services-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.services.resources.LoginActionsService.processRequireAction(LoginActionsService.java:798) [keycloak-services-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.services.resources.LoginActionsService.requiredActionPOST(LoginActionsService.java:750) [keycloak-services-1.7.0.Final.jar:1.7.0.Final]<br>
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_66]<br>
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) [rt.jar:1.8.0_66]<br>
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.8.0_66]<br>
> at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_66]<br>
> at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:168) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:269) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:227) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.ResourceLocator.invokeOnTargetObject(ResourceLocator.java:158) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.ResourceLocator.invoke(ResourceLocator.java:91) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispatcher.java:561) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:543) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:128) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:208) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:55) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:50) [resteasy-jaxrs-2.3.12.Final-redhat-1.jar:]<br>
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) [jboss-servlet-api_3.0_spec-1.0.2.Final-redhat-2.jar:1.0.2.Final-redhat-2]<br>
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.keycloak.services.filters.KeycloakSessionServletFilter.doFilter(KeycloakSessionServletFilter.java:61) [keycloak-services-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:231) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.5.5.Final-redhat-3.jar:7.5.5.Final-redhat-3]<br>
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:150) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:344) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:854) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:926) [jbossweb-7.5.12.Final-redhat-1.jar:7.5.12.Final-redhat-1]<br>
> at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_66]<br>
> Caused by: org.keycloak.models.ModelException: Querying of LDAP failed org.keycloak.federation.ldap.idm.query.internal.LDAPQuery@7434dc3b<br>
> at org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.fetchQueryResults(LDAPIdentityStore.java:158) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.idm.query.internal.LDAPQuery.getResultList(LDAPQuery.java:149) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> ... 42 more<br>
> Caused by: javax.naming.CommunicationException: simple bind failed: ldaps.AD_hostname:636 [Root exception is java.net.SocketException: Connection reset]<br>
> at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2788) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) [rt.jar:1.8.0_66]<br>
> at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:122)<br>
> at org.jboss.as.naming.InitialContext.init(InitialContext.java:107)<br>
> at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) [rt.jar:1.8.0_66]<br>
> at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:98)<br>
> at org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:44)<br>
> at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) [rt.jar:1.8.0_66]<br>
> at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) [rt.jar:1.8.0_66]<br>
> at javax.naming.InitialContext.init(InitialContext.java:244) [rt.jar:1.8.0_66]<br>
> at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) [rt.jar:1.8.0_66]<br>
> at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.createLdapContext(LDAPOperationManager.java:453) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.execute(LDAPOperationManager.java:518) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.idm.store.ldap.LDAPOperationManager.search(LDAPOperationManager.java:148) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> at org.keycloak.federation.ldap.idm.store.ldap.LDAPIdentityStore.fetchQueryResults(LDAPIdentityStore.java:149) [keycloak-ldap-federation-1.7.0.Final.jar:1.7.0.Final]<br>
> ... 43 more<br>
> Caused by: java.net.SocketException: Connection reset<br>
> at java.net.SocketInputStream.read(SocketInputStream.java:209) [rt.jar:1.8.0_66]<br>
> at java.net.SocketInputStream.read(SocketInputStream.java:141) [rt.jar:1.8.0_66]<br>
> at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) [jsse.jar:1.8.0_66]<br>
> at sun.security.ssl.InputRecord.read(InputRecord.java:503) [jsse.jar:1.8.0_66]<br>
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973) [jsse.jar:1.8.0_66]<br>
> at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) [jsse.jar:1.8.0_66]<br>
> at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747) [jsse.jar:1.8.0_66]<br>
> at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) [jsse.jar:1.8.0_66]<br>
> at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) [rt.jar:1.8.0_66]<br>
> at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359) [rt.jar:1.8.0_66]<br>
> at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214) [rt.jar:1.8.0_66]<br>
> ... 62 more<br>
><br>
> Anybody else experienced and fixed this?<br>
><br>
> Thanks,<br>
> Adrian<br>
</div></div>> _______________________________________________<br>
> keycloak-user mailing list<br>
> <a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br>
<br>
</blockquote></div><br></div>