Template for a good bug report, formatted with Markdown:
- Versions used (SonarQube, Scanner, Plugin, and any relevant extension)
dockerized SonarQube 8-community - Error observed (wrap logs/code around triple quote ``` for proper formatting)
Server will not start when LDAP connection is to Global LDAPS port 3269
2020.04.07 01:44:40 INFO web[][o.s.s.s.LogServerId] Server ID: REDACTED
2020.04.07 01:44:40 INFO web[][org.sonar.INFO] Security realm: LDAP
2020.04.07 01:44:40 INFO web[][o.s.a.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=dc=corporate,dc=local, request=(&(objectClass=user)(objectCategory=Person)(cn={0})), realNameAttribute=cn, emailAttribute=mail}
2020.04.07 01:44:40 INFO web[][o.s.a.l.LdapSettingsManager] Groups will not be synchronized, because property 'ldap.group.baseDn' is empty.
2020.04.07 01:44:41 INFO web[][o.s.a.l.LdapContextFactory] Test LDAP connection: FAIL
2020.04.07 01:44:41 ERROR web[][o.s.s.p.Platform] Background initialization failed. Stopping SonarQube
org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:93)
at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
at org.picocontainer.behaviors.Stored.start(Stored.java:110)
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:555)
at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213)
at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:187)
at org.sonar.server.platform.PlatformImpl.access$500(PlatformImpl.java:46)
at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:120)
at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:370)
at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:120)
at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:354)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: org.sonar.auth.ldap.LdapException: Unable to open LDAP connection
at org.sonar.auth.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:215)
at org.sonar.auth.ldap.LdapRealm.init(LdapRealm.java:63)
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:87)
... 19 common frames omitted
Caused by: javax.naming.CommunicationException: Connection or outbound has closed
at java.naming/com.sun.jndi.ldap.LdapCtx.extendedOperation(Unknown Source)
at java.naming/javax.naming.ldap.InitialLdapContext.extendedOperation(Unknown Source)
at org.sonar.auth.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:120)
at org.sonar.auth.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:96)
at org.sonar.auth.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:211)
... 21 common frames omitted
Caused by: java.net.SocketException: Connection or outbound has closed
at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(Unknown Source)
at java.base/java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.base/java.io.BufferedOutputStream.flush(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapClient.extendedOp(Unknown Source)
... 26 common frames omitted
2020.04.07 01:44:41 DEBUG web[][o.s.s.p.Platform] Background initialization of SonarQube done
2020.04.07 01:44:41 INFO web[][o.s.p.ProcessEntryPoint] Hard stopping process
2020.04.07 01:44:41 DEBUG web[][o.s.s.a.TomcatAccessLog] Tomcat is stopped
, but succeeds using Global LDAP 3268
2020.04.07 01:49:22 INFO web[][o.s.s.s.LogServerId] Server ID: REDACTED
2020.04.07 01:49:22 INFO web[][org.sonar.INFO] Security realm: LDAP
2020.04.07 01:49:22 INFO web[][o.s.a.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=dc=corporate,dc=local, request=(&(objectClass=user)(objectCategory=Person)(samAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2020.04.07 01:49:22 INFO web[][o.s.a.l.LdapSettingsManager] Groups will not be synchronized, because property 'ldap.group.baseDn' is empty.
2020.04.07 01:49:22 DEBUG web[][o.s.a.l.LdapContextFactory] Initializing LDAP context {java.naming.referral=follow, java.naming.security.principal=cn=ldapanon,ou=Service Accounts,ou=Universal,dc=corporate,dc=local, com.sun.jndi.ldap.connect.pool=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.sasl.realm=dc=corporate,dc=local, java.naming.provider.url=ldap://ldap-vip.example.com:3268, java.naming.security.authentication=simple}
2020.04.07 01:49:22 INFO web[][o.s.a.l.LdapContextFactory] Test LDAP connection on ldap://ldap-vip.example.com:3268: OK
2020.04.07 01:49:22 INFO web[][org.sonar.INFO] Security realm started
- Steps to reproduce
Startup script callsdocker run ...
with environment variables and over-rides to handle bug [SONAR-13272] - Jira
docker run -d -it --name sonarqube --restart=unless-stopped --stop-timeout 3600 \
--ulimit nofile=65536 --ulimit nproc=65536 \
-v $SONARQUBE_HOME/conf:/opt/sonarqube/conf \
-v $SONARQUBE_HOME/extensions:/opt/sonarqube/extensions \
-v $SONARQUBE_HOME/logs:/opt/sonarqube/logs \
-v $SONARQUBE_HOME/data:/opt/sonarqube/data \
-e SONAR_JDBC_USERNAME=sonar \
-e SONAR_JDBC_PASSWORD=sonar \
-e SONAR_JDBC_URL=jdbc:postgresql://REDACTED:5432/sonarqube \
-e SONAR_SECURITY_REALM=LDAP \
-e SONAR_AUTHENTICATOR_DOWNCASE=true \
-p 9000:9000 sonarqube:8.2-community \
-Dldap.url=ldap://ldap-vip.example.com:3268 \
-Dldap.realm=dc=corporate,dc=local \
-Dldap.bindDn='cn=ldapanon,ou=Service Accounts,ou=Universal,dc=corporate,dc=local' \
-Dldap.bindPassword='Anonymous@' \
-Dldap.user.baseDn=dc=corporate,dc=local \
-Dldap.user.request='(&(objectClass=user)(objectCategory=Person)(samAccountName={login}))' \
-Dldap.user.realNameAttribute=cn \
-Dldap.user.emailAttribute=mail