Thread: LDAP authentication problem.

From: Luc DALLEMANE

Hello,

I'm facing a problem with my web application.
For this project, I'm using:
Java 1.8, Postgres 9.4, Tomcat 7.0.56 and a Cisco ASA firewall.

The firewall is configured with an IP and port restriction.

The Web part is located in a DMZ and the database part in the LAN.
I'm using a combined REALM (LDAP and Database).

The problem is the following: we can connect to the application and use it, but after a while (I don't really know when), you cannot connect again.
In the log, I can see that the LDAP authentication never ends. (I have put logs before and after calling the authenticate method, but the last log is never displayed.)

In the Tomcat log, the problem begins with:
    org.apache.catalina.core.StandardService stopInternal
    INFO: Stopping service Catalina
    
When we check the firewall, we get the following message:

    Deny TCP (no connection) from WEB/50790 to DB/5432 FIN ACK on interface DMZ_clients

You have to restart Tomcat to fix this bug, and it works again (for a while...)


I can't find the cause of this problem.

Any answers are welcome.


Luc.