Layer7 API Management

  • 1.  Portal 3.5 Unable to authenticate LDAP user after Gateway Upgrade to 9.4

    Posted Feb 10, 2019 07:38 PM

    Hi,

     

    We recently upgraded gateway from 9.2 to 9.4 following CA documentation. However, after the upgrade we are not able to login to the connected Portal 3.5.for any users (internal via LDAP and external via internal IDP) including default admin.  

    1) For LDAP authenticated user we are getting the following error in catalina.out:

    "INFO: Response Status Code:200, WARNING: Valid user credential but did map to any valid roles. Returning as Invalid User"

     

    Feb 11, 2019 11:06:00 AM com.l7tech.extension.ExtensionManagerPlugin getExtension
    INFO: getExtension: authenticationHandler
    02/11 11:06:00.566 DEBUG (http-nio-37080-exec-22:) - [ExtensionManagerPlugin general] -- Extension does not belong to known handler types. Probably a custom handler? class com.l7tech.ldap.GatewayAuthenticationPlugin
    Feb 11, 2019 11:08:29 AM com.l7tech.ldap.RequestUtil processRequest
    INFO: Response Status Code:200
    Feb 11, 2019 11:08:29 AM com.l7tech.ldap.GatewayAuthenticationPlugin authenticate
    WARNING: Administrator returned null Role
    Feb 11, 2019 11:08:29 AM com.l7tech.ldap.GatewayAuthenticationPlugin authenticate
    WARNING: administrator returned null Role
    Feb 11, 2019 11:08:29 AM com.l7tech.ldap.GatewayAuthenticationPlugin authenticate
    WARNING: registeredUser returned null Role
    Feb 11, 2019 11:08:29 AM com.l7tech.ldap.GatewayAuthenticationPlugin authenticate
    WARNING: Valid user credential but did map to any valid roles. Returning as Invalid User

     

    Users are successfully authenticated via 'portalAuth' policy, however failure occurs at Portal. 

     

    2) For default following error is logged in portal:

    Feb 11, 2019 11:34:14 AM com.l7tech.extension.ExtensionManagerPlugin getExtension
    INFO: getExtension: authenticationHandler
    02/11 11:34:14.608 DEBUG (http-nio-37080-exec-23:) - [ExtensionManagerPlugin general] -- Extension does not belong to known handler types. Probably a custom handler? class com.l7tech.ldap.GatewayAuthenticationPlugin
    Feb 11, 2019 11:34:14 AM com.l7tech.ldap.RequestUtil processRequest
    INFO: Response Status Code:401

     

    Thanks,

    Varun

     



  • 2.  Re: Portal 3.5 Unable to authenticate LDAP user after Gateway Upgrade to 9.4
    Best Answer

    Posted Feb 10, 2019 11:17 PM
    Issue was fixed with the help of CA Support, it was caused by changed mysql configuration in /etc/my.cnf
    Property ‘lower_case_table_names’ was set to ‘0’ instead of ‘1’.