By: Joe Smith user 26 Apr 2022 at 3:50 p.m. CDT

3 Responses
Joe Smith gravatar
I've been working on OpenID Connect integration via oxd API. I setup and registered clients and read through docs. It works great and does exactly what I need. This morning, when I entered web address of our Gluu installation, I received a 503 error. We are using opendj. I've restarted (identity, opendj, oxauth) services and investigated logs: *oxauth.log* ``` 2022-04-26 18:04:24,031 ERROR [main] [org.gluu.oxauth.model.config.ConfigurationFactory] (ConfigurationFactory.java:367) - Failed to load configuration from file: /etc/gluu/conf/oxauth-config.json 2022-04-26 18:04:24,031 ERROR [main] [org.gluu.oxauth.model.config.ConfigurationFactory] (ConfigurationFactory.java:183) - Failed to load configuration from LDAP. Please fix it!!!. ``` *oxauth.log* ``` Caused by: com.unboundid.ldap.sdk.LDAPException: An error occurred while attempting to establish a connection to server localhost/127.0.0.1:1636: ConnectException(Connection refused (Connection refused)), ldapSDKVersion=6.0.0, revision=524c20f3bbcc0d83fb56b9e136a2fd3a7f60437d at com.unboundid.ldap.sdk.ConnectThread.getConnectedSocket(ConnectThread.java:287) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnectionInternals.<init>(LDAPConnectionInternals.java:185) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:904) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:802) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnection.connect(LDAPConnection.java:740) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnection.<init>(LDAPConnection.java:560) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.SingleServerSet.getConnection(SingleServerSet.java:329) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.FailoverServerSet.getConnection(FailoverServerSet.java:688) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:1297) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:1269) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.LDAPConnectionPool.getConnection(LDAPConnectionPool.java:1866) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at com.unboundid.ldap.sdk.AbstractConnectionPool.getEntry(AbstractConnectionPool.java:642) ~[unboundid-ldapsdk-6.0.0.jar:6.0.0] at org.gluu.persist.ldap.operation.impl.LdapOperationServiceImpl.lookupImpl(LdapOperationServiceImpl.java:619) ~[gluu-orm-ldap-4.3.1.Final.jar:?] at org.gluu.persist.ldap.operation.impl.LdapOperationServiceImpl.lookup(LdapOperationServiceImpl.java:605) ~[gluu-orm-ldap-4.3.1.Final.jar:?] at org.gluu.persist.ldap.impl.LdapEntryManager.find(LdapEntryManager.java:399) ~[gluu-orm-ldap-4.3.1.Final.jar:?] ... 27 more Caused by: java.net.ConnectException: Connection refused (Connection refused) at java.net.PlainSocketImpl.socketConnect(Native Method) ~[?:?] at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399) ~[?:?] at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242) ~[?:?] at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224) ~[?:?] at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) ~[?:?] at java.net.Socket.connect(Socket.java:609) ~[?:?] at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:299) ~[?:?] ``` */opt/opendj/bin/ldapsearch -h localhost -p 1636 -Z -X -D "cn=directory manager" -w "xxxxx" -b "o=gluu" "objectclass="* ``` The LDAP search request failed: 49 (Invalid Credentials) ``` *gluu-ldap.properties* ``` bindDN: cn=directory manager bindPassword: ******* servers: localhost:1636 useSSL: true ssl.trustStoreFile: /etc/certs/opendj.pkcs12 ssl.trustStorePin: ******* ssl.trustStoreFormat: pkcs12 maxconnections: 10 # Max wait 20 seconds connection.max-wait-time-millis=20000 # Force to recreate polled connections after 30 minutes connection.max-age-time-millis=1800000 # Invoke connection health check after checkout it from pool connection-pool.health-check.on-checkout.enabled=false # Interval to check connections in pool. Value is 3 minutes. Not used when onnection-pool.health-check.on-checkout.enabled=true connection-pool.health-check.interval-millis=180000 # How long to wait during connection health check. Max wait 20 seconds connection-pool.health-check.max-response-time-millis=20000 binaryAttributes=objectGUID certificateAttributes=userCertificate ``` I checked *etc/gluu/conf/oxauth-config.json* and did not see the config file. As I mentioned, this was working fine yesterday and no configs changed.

By Mobarak Hosen Shakil staff 26 Apr 2022 at 5:58 p.m. CDT

Mobarak Hosen Shakil gravatar
Hi Joe, Did you check Opendj is running or not?

By Joe Smith user 26 Apr 2022 at 9:10 p.m. CDT

Joe Smith gravatar
I did and it is running @Mobarak Hosen.Shakil I fixed the issue by creating the oxauth-config.json file in /etc/gluu/conf/ with this file [content](https://raw.githubusercontent.com/GluuFederation/oxAuth/master/Server/conf/oxauth-config.json) but I did not delete it to begin with, so I would like help understanding how else it could have been deleted.

By Mobarak Hosen Shakil staff 27 Apr 2022 at 5:40 p.m. CDT

Mobarak Hosen Shakil gravatar
I don't see such a file in that folder after an initial installation. In my case, Gluu server is running without having such file at that folder. Kindly, check the attached image.