<div dir="ltr">Hello,<div><br></div><div>I've upgraded previous version of OMERO to 4.3.2 and got complaints from a user that he can't login to the server.</div><div>That's what I can see through the logs:<br><br>

2011-09-27 09:42:52,813 INFO  [        ome.services.util.ServiceHandler] (l.Server-2)  Excp:    ome.conditions.ValidationException: DNs don't match: 'cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


ome.conditions.ValidationException: DNs don't match: 'cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 09:43:58,977 WARN  [  ome.security.auth.LdapPasswordProvider] (l.Server-7) DNs don't match: 'cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 09:44:02,046 WARN  [  ome.security.auth.LdapPasswordProvider] (l.Server-7) DNs don't match: 'cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 09:44:05,060 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Excp:    ome.conditions.ValidationException: DNs don't match: 'cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


ome.conditions.ValidationException: DNs don't match: 'cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 14:53:20,124 INFO  [        ome.services.util.ServiceHandler] (l.Server-9)  Rslt:    cn=Alex Fulcher,ou=Department of Biochemistry and Molecular Biology,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au<br>


<br><br>So, I've updated his DN (in the DB) to reflect what I can see in the LDAP (without \):<br><br>UPDATE password set dn = 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' where experimenter_id=504;<br>

<br>But he still can't connect, although in the webadmin panel I can see that DN changed to 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'.</div>

<div><br></div><div>Here is what I see in the logs:</div><div><br>2011-09-27 15:21:47,476 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Executor.doWork -- ome.services.sessions.SessionManagerImpl.executeCheckPasswordRO(afulcher)<br>


2011-09-27 15:21:47,477 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Args:    [null, InternalSF@812610706]<br>2011-09-27 15:21:47,478 INFO  [         ome.security.basic.EventHandler] (l.Server-7)  Auth:    user=0,group=0,event=null(Sessions),sess=95fa5807-9883-4ae1-9418-dbb1f7140b9d<br>


2011-09-27 15:21:47,524 WARN  [  ome.security.auth.LdapPasswordProvider] (l.Server-7) DNs don't match: 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 15:21:47,524 WARN  [  ome.security.auth.LoginAttemptListener] (l.Server-7) 21 failed logins for afulcher. Throttling for 3000<br>2011-09-27 15:21:50,530 INFO  [                 org.perf4j.TimingLogger] (l.Server-7) start[1317100907477] time[3053] tag[omero.call.success.ome.services.sessions.SessionManagerImpl$8.doWork]<br>


2011-09-27 15:21:50,530 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Rslt:    null<br>2011-09-27 15:21:50,531 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Executor.doWork -- ome.services.sessions.SessionManagerImpl.executeCheckPasswordRW(afulcher)<br>


2011-09-27 15:21:50,531 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Args:    [null, InternalSF@812610706]<br>2011-09-27 15:21:50,558 INFO  [         ome.security.basic.EventHandler] (l.Server-7)  Auth:    user=0,group=0,event=61003(Sessions),sess=95fa5807-9883-4ae1-9418-dbb1f7140b9d<br>


2011-09-27 15:21:50,599 WARN  [  ome.security.auth.LdapPasswordProvider] (l.Server-7) DNs don't match: 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 15:21:50,599 WARN  [  ome.security.auth.LoginAttemptListener] (l.Server-7) 22 failed logins for afulcher. Throttling for 3000<br>2011-09-27 15:21:53,613 INFO  [                 org.perf4j.TimingLogger] (l.Server-7) start[1317100910531] time[3082] tag[omero.call.exception]<br>


2011-09-27 15:21:53,613 INFO  [        ome.services.util.ServiceHandler] (l.Server-7)  Excp:    ome.conditions.ValidationException: DNs don't match: 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


2011-09-27 15:21:53,614 ERROR [services.blitz.fire.PermissionsVerifierI] (l.Server-7) Exception thrown while checking password for:afulcher<br>ome.conditions.ValidationException: DNs don't match: 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au' and 'cn=Alex Fulcher,ou=School of Biomedical Sciences,ou=Faculty of Medicine\, Nursing and Health Sciences,ou=Staff,o=Monash University,c=au'<br>


        at ome.security.auth.LdapPasswordProvider.checkPassword(LdapPasswordProvider.java:126)<br>        at ome.security.auth.PasswordProviders.checkPassword(PasswordProviders.java:42)<br>        at ome.logic.AdminImpl.checkPassword(AdminImpl.java:1194)<br>


        at ome.services.sessions.SessionManagerImpl$9.doWork(SessionManagerImpl.java:978)<br>        at sun.reflect.GeneratedMethodAccessor250.invoke(Unknown Source)<br>        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)<br>


        at java.lang.reflect.Method.invoke(Method.java:597)<br>        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)<br>        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)<br>


        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)<br>        at ome.services.util.Executor$Impl$Interceptor.invoke(Executor.java:440)<br>        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)<br>


        at ome.security.basic.EventHandler.invoke(EventHandler.java:150)<br>        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)<br>        at org.springframework.orm.hibernate3.HibernateInterceptor.invoke(HibernateInterceptor.java:111)<br>


        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)<br>        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:108)<br>


        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)<br>        at ome.tools.hibernate.ProxyCleanupFilter$Interceptor.invoke(ProxyCleanupFilter.java:231)<br>


        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)<br>        at ome.services.util.ServiceHandler.invoke(ServiceHandler.java:116)<br>        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)<br>


        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)<br>        at $Proxy64.doWork(Unknown Source)<br>        at ome.services.util.Executor$Impl.execute(Executor.java:371)<br>


        at ome.services.sessions.SessionManagerImpl.executeCheckPasswordRW(SessionManagerImpl.java:973)<br>        at ome.services.sessions.SessionManagerImpl.executeCheckPassword(SessionManagerImpl.java:945)<br>        at ome.services.sessions.SessionManagerImpl.executePasswordCheck(SessionManagerImpl.java:920)<br>


        at ome.services.blitz.fire.PermissionsVerifierI.checkPermissions(PermissionsVerifierI.java:135)<br>        at Glacier2._PermissionsVerifierDisp.___checkPermissions(_PermissionsVerifierDisp.java:90)<br>        at Glacier2._PermissionsVerifierDisp.__dispatch(_PermissionsVerifierDisp.java:118)<br>


        at IceInternal.Incoming.invoke(Incoming.java:159)<br>        at Ice.ConnectionI.invokeAll(ConnectionI.java:2037)<br>        at Ice.ConnectionI.message(ConnectionI.java:972)<br>        at IceInternal.ThreadPool.run(ThreadPool.java:577)<br>


        at IceInternal.ThreadPool.access$100(ThreadPool.java:12)<br>        at IceInternal.ThreadPool$EventHandlerThread.run(ThreadPool.java:971)</div><div><br></div><div>Any advise/solution?<br clear="all"><div dir="ltr">

<span style="font-family:arial,sans-serif;font-size:13px;border-collapse:collapse;color:rgb(80, 0, 80)"><div>
<br></div><div>Cheers,</div><div>Leon Kolchinsky</div><div>Senior Software Specialist (Collaborative Applications)<br>ITS Research Support Services<br>Monash e-Research Centre (MeRC)<br></div>Monash University</span><div>

<font color="#500050" face="arial, sans-serif"><span style="border-collapse:collapse">tel: <a href="tel:%2B61%203%2099059560" value="+61399059560" target="_blank">+61 3 99059560</a></span></font></div>
</div><br>
</div></div>