By: Sathish Kumar S . user 05 Feb 2019 at 7:50 a.m. CST

5 Responses
Sathish Kumar S . gravatar
Hi Team, We have another issue which is could be related to LDAP, "Login Redirect again to login page" This happening many times. 1. Only after removing LDAP worker1 and worker2, with one LDAP manager the issue gets resolved. 2. When having 3 LDAP - Sometimes its gets login and never gets logged out randomly 3. LDAP - If we clear browser cache, cookies login work sometimes, but doesn't work sometimes. **Error 1:** `ERROR [qtp1514322932-310] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:231) - Failed to get session attributes` **Error 2:** Authentication success - But redirecting to login page ``` Feb 5 13:21:33 manager1 oxauth/nexus-versa.contus.us:8083/gluufederation-oxauth:3.1.4_01@sha256:6a5b59667eb5e63263fbbd00466b024a0a8c7e3740e8fabaee4bfa741589b235/23c0e6091971[869] 2019-02-05 13:21:33,098 INFO [qtp1514322932-636] [org.xdi.oxauth.service.AuthenticationService] (AuthenticationService.java:533) - Attempting to redirect user: SessionUser: SessionState {dn='oxAuthSessionId=02300684-47ad-4f59-ac2d-a8a1aa0cffd4,ou=session,o=@!E5D7.90D8.DA9D.7D58!0001!A874.6423,o=gluu', id='02300684-47ad-4f59-ac2d-a8a1aa0cffd4', lastUsedAt=Tue Feb 05 13:21:33 GMT 2019, userDn='inum=@!6B40.313A.49EF.A62F!0001!5856.AE20!0000!D2FB.796F.B303.88C3,ou=people,o=@!E5D7.90D8.DA9D.7D58!0001!A874.6423,o=gluu', authenticationTime=Tue Feb 05 13:21:33 GMT 2019, state=authenticated, sessionState='4284e7d7-a769-4721-90d9-fb565ad68d87', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=org.xdi.oxauth.model.common.SessionIdAccessMap@2dc6f902, involvedClients=null, sessionAttributes={auth_external_attributes=null, response_type=code, nonce=9d221591-b93c-4cc0-998a-cb817d297e30, client_id=@!E5D7.90D8.DA9D.7D58!0001!A874.6423!0008!9B2B.5B90, auth_step=1, acr=auth_ldap_server, remote_ip=192.168.7.216, 192.168.8.30, auth_user=versaadmin@versa.com, scope=openid profile email user_name, acr_values=auth_ldap_server, redirect_uri=https://192.168.8.29/identity/authentication/getauthcode, state=08e2252b-77f0-4e68-a2fb-1bf1694807f7}, persisted=true} Feb 5 13:21:33 manager1 oxauth/nexus-versa.contus.us:8083/gluufederation-oxauth:3.1.4_01@sha256:6a5b59667eb5e63263fbbd00466b024a0a8c7e3740e8fabaee4bfa741589b235/23c0e6091971[869] 2019-02-05 13:21:33,109 INFO [qtp1514322932-636] [org.xdi.oxauth.service.AuthenticationService] (AuthenticationService.java:541) - Attempting to redirect user: User: org.xdi.oxauth.model.common.User@36e4cd34 Feb 5 13:21:33 manager1 oxauth/nexus-versa.contus.us:8083/gluufederation-oxauth:3.1.4_01@sha256:6a5b59667eb5e63263fbbd00466b024a0a8c7e3740e8fabaee4bfa741589b235/23c0e6091971[869] 2019-02-05 13:21:33,112 INFO [qtp1514322932-636] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:365) - Authentication success for User: 'versaadmin@versa.com' ``` **Error 3:** When i refresh browser (CTRL + F5) `ERROR [qtp1514322932-636] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:542) - Failed to get attributes from session` **Error 4:** Ldap-manager `2019-02-05 13:42:37,118 INFO [qtp1514322932-347] [org.xdi.oxauth.auth.Authenticator] (Authenticator.java:365) - Authentication success for User: 'versaadmin@versa.com'` ldap-worker-2 `2019-02-05 13:42:37,172 ERROR [qtp1514322932-502] [xdi.oxauth.authorize.ws.rs.AuthorizeAction] (AuthorizeAction.java:185) - Permission denied. client_id should be not empty.` Note: Added GLUU_CONSUL_CONSISTENCY=default envvar in ldap-manager.yml. https://support.gluu.org/installation/6330/502-gateway-error-failed-to-load-configuration-from-ldap-gluu-docker-multi-node/#at42178 Thanks, Sathish.

By Michael Schwartz staff 05 Feb 2019 at 8:10 a.m. CST

Michael Schwartz gravatar
Unfortunately, docker support is an enterprise only feature.

By Sathish Kumar S . user 05 Feb 2019 at 8:38 a.m. CST

Sathish Kumar S . gravatar
Superb. If the community edition doesn't work properly, how would we suggest our clients to buy Enterprise edition??

By Michael Schwartz staff 05 Feb 2019 at 8:56 a.m. CST

Michael Schwartz gravatar
We offer community support for the VM packages. Docker Edition is an enterprise support option only. Functionally, CE is complete. Docker is a deployment choice. If you are testing, you don't need clusters.

By Sathish Kumar S . user 05 Feb 2019 at 9:14 a.m. CST

Sathish Kumar S . gravatar
I don't expect community edition multi-node cluster to work like pro, but i expect it should perform authentication all the time. Thanks.

By William Lowe staff 05 Feb 2019 at 9:33 a.m. CST

William Lowe gravatar
There's a lot of operational complexity with Docker Edition. I'm sure there is a good reason for the inconsistent functionality. In order to look into this, we need to assign a resource. The software is free, but our time is not. Even so, we have offered quite a bit of free support to you and your colleagues here on the forums. If you feel like this is important and you want us to look into it, you should consider purchasing support.