I have the following custom-application.cfm file and I kept getting the above error when trying to login.
<!--- Custom-Application.cfm --->
<cfparam name="Cas_Server_Secure" default="https://ash.owl.com/cas">
<!--- <cfparam name="ReturnURL" default="http://#cgi.server_name##cgi.script_name#?#cgi.query_string#"> --->
<cfparam name="ReturnURL" default="http://#cgi.server_name##cgi.script_name#">
<cfparam name="Session.CAS" default="">
<cfparam name="tempMember" default="">
<cfparam name="strstart" default="0">
<cfparam name="strend" default="0">
<cfparam name="teststring" default="">
<cfparam name="strtotalmember" default="">
<cfset session.updatedForGolive = 1 >
<!---include adf core--->
<cfset request.scriptsExecuted = "">
<cfinclude template="/ADF/core/load_site_adf.cfm">
<!--- <cfif not IsDefined("url.ticket") >
<cfset ReturnURL = URLEncodedFormat(ReturnURL)>
</cfif> --->
<cflock scope="Session" type="ReadOnly" timeout="5" throwontimeout="no">
<cfscript>
if (not IsStruct(Session.CAS))
{
session.CAS = StructNew();
session.CAS.IsAuthenticated = "";
//session.CAS.owlTarget = "http://www2.owl.com";
session.CAS.owlTarget = URLEncodedFormat(Replace(GetDirectoryFromPath(ReturnURL), "http://www.owl.com/", "http://www2.owl.com/" ));
}
//Testing requestTarget
//needs additional validation
</cfscript>
</cflock>
<cfif not cgi.query_string contains "csModule=security/logout" and not cgi.SCRIPT_NAME contains "/commonspot/" >
<cfif SERVER_PORT_SECURE eq 1 >
<cfset ReturnURL ="https://#cgi.server_name##cgi.script_name#">
</cfif>
<cfif not FindNoCase("?login=1", ReturnURL) and not FindNoCase("login.cfm", ReturnURL) >
<cfif not IsDefined("url.ticket") >
<cfset ReturnURL = URLEncodedFormat(ReturnURL)>
</cfif>
<cflock scope="Session" type="ReadOnly" timeout="5" throwontimeout="no">
<cfscript>
if (not IsDefined("url.ticket")){
Session.CAS.owlTarget = ReturnURL;
}
</cfscript>
</cflock>
</cfif>
<!--- <cfdump var="#session.CAS#"> --->
<!--- <cfabort> --->
<cfscript>
//session.CAS.IsAuthenticated = "";
//LDAP Starting Point
LDAP.StartLevel="ou=owl users,dc=owl,dc=com";
//Active Directory Server or IP Address
LDAP.Server="cabage.owl.com";
//LDAP.Server="potato.owl.com";
//Switch to this when Bob is done
LDAP.Server="LDAP.owl.com";
//LDAP Service Port Number
LDAP.Port="939";
//LDAP Query Timeout (in seconds)
LDAP.Timeout="5";
// what to query for
strAttributes = "cn,mail,memberOf,dn";
//LDAP User to run query as ADDED by Bob
// example: "domainName\userName";
LDAP.AUser="ldapAuth";
//LDAP User to run query as ADDED by Bob
// example: "domainName\userName";
LDAP.User="tester";
//Password for LDAP User ADDED by Bob
LDAP.Password="pass600";
</cfscript>
<!--- if we have a url.ticket then we need to get the users userid back from CAS --->
<cfif isDefined("url.ticket")>
<!--- Ticket returned from CAS on initial login --->
<!--- Now we've gotten the service ticket so we must validate it --->
<cfset casurl = CAS_Server_Secure & "/serviceValidate?ticket=" & url.ticket & "&service=" & "#Session.cas.owlTarget#">
<cfhttp url="#casurl#" method="get" proxyserver="mstmgproxy.owl.com" proxyport="8080"></cfhttp>
<!--- Strip out the username that is returned from CAS --->
<!--- if ticket has expired. Send back to CAS to reauthenticate --->
<cfif cfhttp.filecontent contains "not recognized">
<cflocation url="#Cas_Server_Secure#/login?service=#Session.cas.owlTarget#" addtoken="No">
</cfif>
<cfscript>
myxmldoc = XmlParse(cfhttp.filecontent);
selectedElements = XmlSearch(myxmldoc, "cas:serviceResponse/cas:authenticationSuccess/cas:user");
if(isArray(selectedElements) AND NOT ArrayIsEmpty(selectedElements)) {
//valid ticket found
ULuserid = selectedElements[1].XmlText;
LDAP.user = #ULuserid#;
}
else
//invalid ticket
ULuserid = 0;
</cfscript>
<!--- <cfdump var="#Cas_Server_Secure#/login?service=#ReturnURL#">
<cfabort> --->
<cfif NOT ULuserid is 0>
<!--- User ID returned with CAS Ticket --->
<!--- <cfdump var="#ULuserid#">
<cfabort> --->
<cfset LDAP.User="#ULuserid#">
<!--- Available cfldap parameters ACTION,ATTRIBUTES,DELIMITER,FILTER,FILTERFILE,MAXROWS,NAME,PASSWORD,PORT,REBIND,REFERRAL,RETURNASBINARY,SCOPE,SECURE,SEPARATOR,SERVER,SORT,SORTCONTROL,START,STARTROW,TIMEOUT,USERNAME --->.
<!--- note removed port attribute??????????? --->
<!--- Added application ldapuser and pwd these never change --->
<cfldap
server = "#LDAP.server#"
action = "query"
name = "loginResult"
start = "#LDAP.startLevel#"
attributes = "#strAttributes#"
sort = "cn ASC"
filter = "cn=#ldap.user#"
port = "939"
username = "owl\#ldap.auser#"
password = "#LDAP.Password#">
<cfif loginresult.recordcount>
<cfldap
server = "#LDAP.server#"
action = "query"
name = "groupresult"
start = "ou=owl groups,dc=owl,dc=com"
attributes = "dn,name"
sort = "cn ASC"
filter = "(&(objectclass=group)(member=#loginResult.dn#))"
port = "939"
username = "owl\#ldap.auser#"
password = "#LDAP.Password#">
</cfif>
<cfif groupresult.recordcount>
<cfldap action="query"
name="getGroups"
attributes="name,memberof"
start = "ou=owl groups,dc=owl,dc=com"
filter="(&(objectclass=group)(member=#loginResult.dn#))"
port = "939"
server = "#LDAP.server#"
sort="cn ASC"
username = "owl\#ldap.auser#"
password = "#LDAP.Password#"
separator=";">
<cfscript>
for ( i=1; i LTE getGroups.RecordCount; i=(i+1)){
teststring = getGroups["memberof"];
if ( teststring neq "")
{
strstart =0;
strend=0;
Do
{
if(Findnocase("cn=",teststring,0) neq 0){
strstart = Findnocase("cn=",teststring,0);
strend = Findnocase(",",teststring,strstart);
//Get group
tempMember = mid(teststring,strstart,strend-strstart);
teststring = Replace(teststring, tempMember, "");
strtotalmember = strtotalmember &","& replacenocase(tempMember, "cn=", "");
}
}
While (Findnocase("cn=",teststring,0));
}
}
strtotalmember = valuelist(groupresult.name) & strtotalmember;
</cfscript>
</cfif>
<!--- if we found a user and group then authorize the person --->
<!--- Requires finding groups --->
<!--- <cfif (loginresult.recordcount) and (groupresult.recordcount)> --->
<cfif (loginresult.recordcount)>
<!--- Fix for Alumni Users with Numeric userids --->
<cfif IsNumeric(Mid(ULuserid, 1, 1))>
<cfset ULuserid = "owl" & #ULuserid#>
<!--- <cfoutput>#ULuserid#</cfoutput> --->
<!--- <cfexit> --->
</cfif>
<!--- // authorize the user --->
<cfmodule template="/commonspot/security/populate-user-struct.cfm"
defaultUserID = "#ULuserid#"
defaultGroupNames = "#strtotalmember#"
defaultGroupIDs = ""
additionalGroupNames = "#strtotalmember#">
<cfif session.user.LICENSEDCONTRIBUTOR eq 0 >
<cftry>
<CFLOCK SCOPE="Session" TYPE="Exclusive"
TIMEOUT="5" THROWONTIMEOUT="Yes">
<cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">
UPDATE Users
SET LicensedContributor = '1'
WHERE ID = #session.user.id#
</cfquery>
<cfset session.user.LicensedContributor = "1">
</CFLOCK>
<cfcatch><cfoutput>Error Occurred</cfoutput>
</cfcatch>
</cftry>
</cfif>
<!--- We have a valid userid --->
<cfscript>
session.CAS.IsAuthenticated = "Yes";
session.CAS.userid = "#ULuserid#";
session.CAS.groups = "#strtotalmember#";
</cfscript>
<!--- <cfdump var="#session#">
<cfabort> --->
<cflocation url="#URLDecode(Session.CAS.owlTarget)#" addtoken="No">
<cfelse>
<cflocation url="http://#cgi.server_name##request.subsitecache[1].url#restricted.cfm" addtoken="No">
</cfif>
</cfif>
</cfif>
</cfif>
<!--- <cfdump var="#session.user#"> --->
And this the CommonSpot error log.
| Entry Date/Time: 2016-02-15 06:42:54.873 |
>> error processing custom application module (/owl/custom-application.cfm)
~~
Exception: An error has occured while trying to execute query :LDAP.owl.com:939; socket closed.
~~~~~ CommonSpot Instance Details ~~~~~
| Request ID: 18979 (1) |
| Request accepted: 2016-02-15 06:42:54 |
| CommonSpot Build: Build 9.0.1.175 |
| CFML Engine: ACF |
CFML Engine Version: ColdFusion Server 10.0.15.292620 (Apache Tomcat/7.0.54)
| JVM version: 1.7.0_67-b01 - [64 bits, Windows Server 2008 R2] |
| JVM memory (MB): max:7282 total:2696.5 free:530.23 |
CFML Engine Started: 2016-02-12 06:57:23.413 (running for 3 days)
| commonspot.jar: built 2014-10-14 14:20:11 |
| jar path: C:/owlweb/commonspot/java/commonspot.jar |
| Server ID: 1 (Master?:1) Site ID: 1 Subsite ID:5896 |
| User ID: 0[anonymous] - Groups: 0 |
==
Request (GET) from 172.15.1.225
| Server: www2.owl.com Port: 80 Script: '/computer-science/index.htm' |
| Referrer: |
| User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0 |
| Args: ticket=ST-18814-KuWWvmIRIMzEQavnVDwU-ASH |
====
| Operation: query :LDAP.owl.com:939; socket closed |
| Message: An error has occured while trying to execute query :LDAP.owl.com:939; socket closed. |
| Type: Application |
| Detail: One or more of the required attributes may be missing or incorrect or you do not have permissions to execute this operation on the server. |
Thread 'ajp-bio-8012-exec-2' [ID=77, State='RUNNABLE']
... request started at 2016-02-15 06:42:54.763[running 125 milliseconds]
... Request (GET) from 172.15.1.225
| ... Server: www2.owl.com Port: 80 Script: '/computer-science/index.htm' |
...request mode: : read
minimized stack with 57 entries
0: ........coldfusion.tagext.net.LdapTag.doStartTag[ldaptag.java:777]
1: ........coldfusion.runtime.CfJspPage._emptyTcfTag[cfjsppage.java:2795]
2: CFM....cfcustom2dapplication2ecfm992673038.runPage
6: CFM....cfsite2dapplication2dmeat2ecfm185143928._factor10[{CS Root}/commonspot/startup/site-application-meat.cfm:527]
7: CFM....cfsite2dapplication2dmeat2ecfm185143928._factor13[{CS Root}/commonspot/startup/site-application-meat.cfm:397]
8: CFM....cfsite2dapplication2dmeat2ecfm185143928.runPage[{CS Root}/commonspot/startup/site-application-meat.cfm:1]
13: CFM....cfsite2dapplication2ecfm72844038.runPage[{CS Root}/commonspot/site-application.cfm:23]
17: CFM....cfApplication2ecfm1010495360.runPage
AdChoices