0 Replies Latest reply on Feb 15, 2016 6:04 AM by 2Charlie

    Exception: An error has occured while trying to execute query :LDAP.owl.com:939; socket closed.

    2Charlie Level 1

      I have the following custom-application.cfm file and I kept getting the above error when trying to login.

       

      <!--- Custom-Application.cfm --->

      <cfparam name="Cas_Server_Secure" default="https://ash.owl.com/cas">

      <!--- <cfparam name="ReturnURL" default="http://#cgi.server_name##cgi.script_name#?#cgi.query_string#"> --->

      <cfparam name="ReturnURL" default="http://#cgi.server_name##cgi.script_name#">

      <cfparam name="Session.CAS" default="">

      <cfparam name="tempMember" default="">

      <cfparam name="strstart" default="0">

      <cfparam name="strend" default="0">

      <cfparam name="teststring" default="">

      <cfparam name="strtotalmember" default="">

      <cfset session.updatedForGolive = 1 >

       

      <!---include adf core--->

      <cfset request.scriptsExecuted = "">

      <cfinclude template="/ADF/core/load_site_adf.cfm">  

        

          <!--- <cfif not IsDefined("url.ticket") >

          <cfset ReturnURL = URLEncodedFormat(ReturnURL)>

          </cfif> --->

      <cflock scope="Session" type="ReadOnly" timeout="5" throwontimeout="no">

           <cfscript>

            if (not IsStruct(Session.CAS))

                {

                  session.CAS = StructNew();

                  session.CAS.IsAuthenticated = "";

                  //session.CAS.owlTarget = "http://www2.owl.com";

                        

                  session.CAS.owlTarget = URLEncodedFormat(Replace(GetDirectoryFromPath(ReturnURL), "http://www.owl.com/", "http://www2.owl.com/" ));

              }

          //Testing requestTarget

          //needs additional validation

        

          </cfscript>

      </cflock>

       

      <cfif not cgi.query_string contains "csModule=security/logout" and not cgi.SCRIPT_NAME contains "/commonspot/" >

        

          <cfif SERVER_PORT_SECURE eq 1 >

              <cfset ReturnURL ="https://#cgi.server_name##cgi.script_name#">

          </cfif>  

        

      <cfif not FindNoCase("?login=1", ReturnURL) and not FindNoCase("login.cfm", ReturnURL) >

        

          <cfif not IsDefined("url.ticket") >

          <cfset ReturnURL = URLEncodedFormat(ReturnURL)>

          </cfif>

        

          <cflock scope="Session" type="ReadOnly" timeout="5" throwontimeout="no">

                      <cfscript>

                          if (not IsDefined("url.ticket")){

                                  Session.CAS.owlTarget = ReturnURL;

                          }

       

                      </cfscript>

          </cflock>

       

      </cfif>

       

      <!--- <cfdump var="#session.CAS#"> --->

      <!--- <cfabort> --->

       

      <cfscript>

      //session.CAS.IsAuthenticated = "";

       

          //LDAP Starting Point

          LDAP.StartLevel="ou=owl users,dc=owl,dc=com";

       

          //Active Directory Server or IP Address

          LDAP.Server="cabage.owl.com";

          //LDAP.Server="potato.owl.com";

        

          //Switch to this when Bob is done

          LDAP.Server="LDAP.owl.com";

       

          //LDAP Service Port Number

          LDAP.Port="939";

       

          //LDAP Query Timeout (in seconds)

          LDAP.Timeout="5";

        

          // what to query for

          strAttributes = "cn,mail,memberOf,dn";

        

          //LDAP User to run query as ADDED by Bob

          // example: "domainName\userName";

          LDAP.AUser="ldapAuth";

        

          //LDAP User to run query as ADDED by Bob

          // example: "domainName\userName";

          LDAP.User="tester";

       

          //Password for LDAP User ADDED by Bob

          LDAP.Password="pass600";

        

       

      </cfscript>

       

      <!--- if we have a url.ticket then we need to get the users userid back from CAS --->                  

      <cfif isDefined("url.ticket")>  

          <!--- Ticket returned from CAS on initial login --->

          <!--- Now we've gotten the service ticket so we must validate it --->

                  <cfset casurl = CAS_Server_Secure & "/serviceValidate?ticket=" & url.ticket & "&service=" & "#Session.cas.owlTarget#">

                  <cfhttp url="#casurl#" method="get" proxyserver="mstmgproxy.owl.com" proxyport="8080"></cfhttp>

                  <!--- Strip out the username that is returned from CAS --->

            

                  <!--- if ticket has expired.  Send back to CAS to reauthenticate --->

                  <cfif cfhttp.filecontent contains "not recognized">

                       <cflocation url="#Cas_Server_Secure#/login?service=#Session.cas.owlTarget#" addtoken="No">

                  </cfif>

       

                  <cfscript>

                  myxmldoc = XmlParse(cfhttp.filecontent);

                  selectedElements = XmlSearch(myxmldoc, "cas:serviceResponse/cas:authenticationSuccess/cas:user");

                  if(isArray(selectedElements) AND NOT ArrayIsEmpty(selectedElements)) {

                  //valid ticket found

                  ULuserid = selectedElements[1].XmlText;

                  LDAP.user = #ULuserid#;

                  }

                  else

                  //invalid ticket

                  ULuserid = 0;

                  </cfscript>

             

                      <!--- <cfdump var="#Cas_Server_Secure#/login?service=#ReturnURL#">

                                      <cfabort> --->

            

              <cfif NOT ULuserid is 0>

                      <!--- User ID returned with CAS Ticket --->

                      <!--- <cfdump var="#ULuserid#">

                                           <cfabort> --->

               <cfset LDAP.User="#ULuserid#">

            

                      <!--- Available cfldap parameters ACTION,ATTRIBUTES,DELIMITER,FILTER,FILTERFILE,MAXROWS,NAME,PASSWORD,PORT,REBIND,REFERRAL, RETURNASBINARY,SCOPE,SECURE,SEPARATOR,SERVER,SORT,SORTCONTROL,START,STARTROW,TIMEOUT,USERN AME --->.

                        

                          <!--- note removed port attribute??????????? --->

                          <!--- Added application ldapuser and pwd these never change --->

                        

                      <cfldap

                          server = "#LDAP.server#"

                          action = "query"

                          name = "loginResult"

                          start = "#LDAP.startLevel#"

                          attributes = "#strAttributes#"

                          sort = "cn ASC"

                             filter = "cn=#ldap.user#"

                          port = "939"

                          username = "owl\#ldap.auser#"

                          password = "#LDAP.Password#">

        

                    

                      <cfif loginresult.recordcount>

                          <cfldap

                              server = "#LDAP.server#"

                              action = "query"

                              name = "groupresult"

                              start = "ou=owl groups,dc=owl,dc=com"

                              attributes = "dn,name"

                              sort = "cn ASC"

                              filter = "(&(objectclass=group)(member=#loginResult.dn#))"

                              port = "939"

                              username = "owl\#ldap.auser#"

                              password = "#LDAP.Password#">

                      </cfif>

                    

                      <cfif groupresult.recordcount>

                          <cfldap action="query"

                          name="getGroups"

                          attributes="name,memberof"

                          start = "ou=owl groups,dc=owl,dc=com"

                          filter="(&(objectclass=group)(member=#loginResult.dn#))"

                          port = "939"

                          server = "#LDAP.server#"

                          sort="cn ASC"

                          username = "owl\#ldap.auser#"

                          password = "#LDAP.Password#"

                          separator=";">

                    

                      <cfscript>

                              for ( i=1; i LTE getGroups.RecordCount; i=(i+1)){

                                          teststring = getGroups["memberof"][i];

                                          if ( teststring neq "")

                                          {  

                                                  strstart =0;

                                                  strend=0;

                                                  Do

                                                  {

                                                      if(Findnocase("cn=",teststring,0) neq 0){

                                                      strstart = Findnocase("cn=",teststring,0);

                                                      strend = Findnocase(",",teststring,strstart);

                                                      //Get group

                                                      tempMember = mid(teststring,strstart,strend-strstart);

                                                      teststring = Replace(teststring, tempMember, "");

                                                      strtotalmember = strtotalmember &","& replacenocase(tempMember, "cn=", "");

                                                      }

                                                   }

                                                   While (Findnocase("cn=",teststring,0));  

                    

                                          }

                    

                                  }

                    

                          strtotalmember    = valuelist(groupresult.name) & strtotalmember;  

                    

                          </cfscript>

                      </cfif>

                    

                         

                  <!--- if we found a user and group then authorize the person --->   

                  <!--- Requires finding groups --->

                  <!--- <cfif (loginresult.recordcount) and (groupresult.recordcount)> --->

                

                   <cfif (loginresult.recordcount)>

                    

                          <!--- Fix for Alumni Users with Numeric userids --->

                          <cfif IsNumeric(Mid(ULuserid, 1, 1))>

                              <cfset ULuserid = "owl" & #ULuserid#>

                                      <!--- <cfoutput>#ULuserid#</cfoutput> --->

                              <!--- <cfexit> --->

                          </cfif>

       

                              <!--- // authorize the user --->

                              <cfmodule template="/commonspot/security/populate-user-struct.cfm"

                                                              defaultUserID = "#ULuserid#"

                                                              defaultGroupNames = "#strtotalmember#"

                                                              defaultGroupIDs = ""

                                                              additionalGroupNames = "#strtotalmember#">

                        

                                  <cfif session.user.LICENSEDCONTRIBUTOR eq 0 >

                                      <cftry>

                                          <CFLOCK SCOPE="Session" TYPE="Exclusive"

                                                  TIMEOUT="5" THROWONTIMEOUT="Yes">

                                              <cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">

                                                 UPDATE Users

                                                 SET LicensedContributor = '1'

                                                 WHERE ID = #session.user.id#

                                              </cfquery>

                                          <cfset session.user.LicensedContributor = "1">

                                          </CFLOCK>

                                    

                                      <cfcatch><cfoutput>Error Occurred</cfoutput>

                                      </cfcatch>

                                      </cftry>

                                  </cfif>                                                      

                        

                      <!--- We have a valid userid --->

                       <cfscript>

                          session.CAS.IsAuthenticated = "Yes";

                          session.CAS.userid = "#ULuserid#";

                          session.CAS.groups = "#strtotalmember#";

                      </cfscript>

                              <!--- <cfdump var="#session#">

                                        

                                          <cfabort> --->              

                              <cflocation url="#URLDecode(Session.CAS.owlTarget)#" addtoken="No">

                      <cfelse>

                                

                      <cflocation url="http://#cgi.server_name##request.subsitecache[1].url#restricted.cfm" addtoken="No">

                     

                      </cfif>

                    

              </cfif>

      </cfif>

       

      </cfif>

       

      <!--- <cfdump var="#session.user#"> --->

       

       

      And this the CommonSpot error log.

       

      Entry Date/Time: 2016-02-15 06:42:54.873

      >> error processing custom application module (/owl/custom-application.cfm)

      ~~

      Exception: An error has occured while trying to execute query :LDAP.owl.com:939; socket closed.

       

      ~~~~~ CommonSpot Instance Details ~~~~~

      Request ID: 18979 (1)
      Request accepted: 2016-02-15 06:42:54
      CommonSpot Build: Build 9.0.1.175
      CFML Engine: ACF

      CFML Engine Version: ColdFusion Server 10.0.15.292620 (Apache Tomcat/7.0.54)

      JVM version: 1.7.0_67-b01 - [64 bits, Windows Server 2008 R2]
      JVM memory (MB):  max:7282 total:2696.5 free:530.23

      CFML Engine Started: 2016-02-12 06:57:23.413 (running for 3 days)

      commonspot.jar: built 2014-10-14 14:20:11
      jar path: C:/owlweb/commonspot/java/commonspot.jar
      Server ID: 1 (Master?:1) Site ID: 1 Subsite ID:5896
      User ID: 0[anonymous] - Groups: 0

      ==

      Request (GET) from 172.15.1.225

      Server: www2.owl.com Port: 80 Script: '/computer-science/index.htm'
      Referrer:
      User Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:44.0) Gecko/20100101 Firefox/44.0
      Args: ticket=ST-18814-KuWWvmIRIMzEQavnVDwU-ASH

      ====

      Operation: query :LDAP.owl.com:939; socket closed
      Message: An error has occured while trying to execute query :LDAP.owl.com:939; socket closed.
      Type: Application
      Detail: One or more of the required attributes may be missing or incorrect or you do not have permissions to execute this operation on the server.

       

      Thread 'ajp-bio-8012-exec-2' [ID=77, State='RUNNABLE']

      ... request started at 2016-02-15 06:42:54.763[running 125 milliseconds]

      ...  Request (GET) from 172.15.1.225

      ... Server: www2.owl.com Port: 80 Script: '/computer-science/index.htm'

         ...request mode: : read

      minimized stack with 57 entries

         0: ........coldfusion.tagext.net.LdapTag.doStartTag[ldaptag.java:777]

         1: ........coldfusion.runtime.CfJspPage._emptyTcfTag[cfjsppage.java:2795]

         2: CFM....cfcustom2dapplication2ecfm992673038.runPage[c:/owlweb/owl/custom-application.cfm:1 85]

         6: CFM....cfsite2dapplication2dmeat2ecfm185143928._factor10[{CS Root}/commonspot/startup/site-application-meat.cfm:527]

         7: CFM....cfsite2dapplication2dmeat2ecfm185143928._factor13[{CS Root}/commonspot/startup/site-application-meat.cfm:397]

         8: CFM....cfsite2dapplication2dmeat2ecfm185143928.runPage[{CS Root}/commonspot/startup/site-application-meat.cfm:1]

        13: CFM....cfsite2dapplication2ecfm72844038.runPage[{CS Root}/commonspot/site-application.cfm:23]

        17: CFM....cfApplication2ecfm1010495360.runPage[c:/owlweb/owl/computer-science/application.cf m:13]