tracker issue : CF-4205377

select a category, or use search below
(searches all categories and all time range)
Title:

Caught CFLDAP exception shows up in exception.log

| View in Tracker

Status/Resolution/Reason: To Fix//BugVerified

Reporter/Name(from Bugbase): Michael C. / ()

Created: 10/09/2019

Components: Net Protocols, LDAP

Versions: 2016,2018

Failure Type: Incorrectly functioning

Found In Build/Fixed In Build: CF2016 Update 9 /

Priority/Frequency: Minor / Unknown

Locale/System: English / Win 2012 Server x64

Vote Count: 0

Problem Description:

On CF2016 Update 7 (and below), when attempting to authenticate a user against Active Directory using CFLDAP wrapped in CFTRY, the exception thrown when the authentication fails that is caught does NOT appear in exception.log. After applying Update 9 (or above), the exception is shown in exception.log and server.log, even though it has been caught.

The application continues as expected, but the new presence of the exception in the log files is concerning. An explanation of the change in behaviour would be welcomed.

Steps to Reproduce:

<cftry>
	<cfldap action="QUERY"
			name="AuthenticateUser"
			attributes="samaccountname"
			start="DC=example,DC=com"
			maxrows="1"
			scope="subtree"
			filter="(&(objectclass=user)(samaccountname=jdoe))"
			server="mydomaincontroller"
			port="389"
			username="CN=John Doe, OU=Users, DC=example, DC=com"
			password="wrong_password" />

	<cfcatch type="any">
		<cfreturn [{success=false, error=3}] />
	</cfcatch>
</cftry>

Actual Result:

The following appears in exception.log, even though it has been caught:

"Error","ajp-nio-8016-exec-8","10/08/19","18:15:29","","[LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 775, v2580 ]"
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 775, v2580 ]
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3154)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2886)
	at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2800)
	at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
	at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
	at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
	at javax.naming.InitialContext.init(InitialContext.java:244)
	at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
	at coldfusion.tagext.net.LdapTag.getContextObj(LdapTag.java:873)
	at coldfusion.tagext.net.LdapTag.doStartTag(LdapTag.java:735)
	at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:3707)
	at cftest2ecfm1017102064.runPage(D:\sandboxes\test\code\test.cfm:39)
	at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:254)
	at coldfusion.tagext.lang.IncludeTag.handlePageInvoke(IncludeTag.java:737)
	at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:573)
	at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65)
	at coldfusion.filter.IpFilter.invoke(IpFilter.java:45)
	at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:484)
	at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:43)
	at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)
	at coldfusion.filter.PathFilter.invoke(PathFilter.java:153)
	at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:94)
	at coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:78)
	at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)
	at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)
	at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:60)
	at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)
	at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)
	at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62)
	at coldfusion.CfmServlet.service(CfmServlet.java:223)
	at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)
	at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at coldfusion.inspect.weinre.MobileDeviceDomInspectionFilter.doFilter(MobileDeviceDomInspectionFilter.java:57)
	at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:355)
	at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:510)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:800)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1471)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

Expected Result:

No error in exception.log

Any Workarounds:

N/A

Attachments:

Comments: