DHIS2 v2.35.9 LDAP issue

1. dhis2-web-prod-prod | 09-Mar-2022 08:42:40.462 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
2. dhis2-web-prod-prod | 09-Mar-2022 08:42:40.495 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in [99484] milliseconds
3. dhis2-web-prod-prod |  * ERROR 2022-03-09T08:42:58,011 An internal error occurred while trying to authenticate the user. (AbstractAuthenticationProcessingFilter.java [http-
4. nio-8080-exec-6])
5. dhis2-web-prod-prod |  org.springframework.security.authentication.InternalAuthenticationServiceException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment:
6.  AcceptSecurityContext error, data 52e, v2580]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment:
7. AcceptSecurityContext error, data 52e, v2580]
8. dhis2-web-prod-prod |   at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:190) ~[spring-securi
9. ty-ldap-5.4.7.jar:5.4.7]
10. dhis2-web-prod-prod |   at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:81) ~[sp
11. ring-security-ldap-5.4.7.jar:5.4.7]
12. dhis2-web-prod-prod |   at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-5.4.7.jar:5.4.7]
13. dhis2-web-prod-prod |   at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:201) ~[spring-security-core-5.4.7.jar:5.4.7]
14. dhis2-web-prod-prod |   at org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter.attemptAuthentication(UsernamePasswordAuthenticationFilter.j
15. ava:85) ~[spring-security-web-5.4.7.jar:5.4.7]
16. dhis2-web-prod-prod |   at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:222)
17. [spring-security-web-5.4.7.jar:5.4.7]
18. dhis2-web-prod-prod |   at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
19. [spring-security-web-5.4.7.jar:5.4.7]
20. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.4.7.jar:5.4.7]
21. dhis2-web-prod-prod |   at org.hisp.dhis.webapi.filter.CustomAuthenticationFilter.doFilter(CustomAuthenticationFilter.java:93) [dhis-web-api-2.35.12.jar:?]
22. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.4.7.jar:5.4.7]
23. dhis2-web-prod-prod |   at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103) [spring-security-web-5.4.7.jar:5.4.7]
24. dhis2-web-prod-prod |   at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89) [spring-security-web-5.4.7.jar:5.4.7]
25. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.4.7.jar:5.4.7]
26. dhis2-web-prod-prod |   at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) [spring-security-web-5.4.7.jar:5.4.7]
27. dhis2-web-prod-prod |   at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) [spring-security-web-5.4.7.jar:5.4.7]
28. dhis2-web-prod-prod |   at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
29. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.4.7.jar:5.4.7]
30. dhis2-web-prod-prod |   at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:110) [spring-security-we
31. b-5.4.7.jar:5.4.7]
32. dhis2-web-prod-prod |   at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:80) [spring-security-web
33. -5.4.7.jar:5.4.7]
34. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.4.7.jar:5.4.7]
35. dhis2-web-prod-prod |   at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55
36. ) [spring-security-web-5.4.7.jar:5.4.7]
37. dhis2-web-prod-prod |   at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
38. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) [spring-security-web-5.4.7.jar:5.4.7]
39. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) [spring-security-web-5.4.7.jar:5.4.7]
40. dhis2-web-prod-prod |   at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) [spring-security-web-5.4.7.jar:5.4.7]
41. dhis2-web-prod-prod |   at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
42. dhis2-web-prod-prod |   at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
43. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.58]
44. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.58]
45. dhis2-web-prod-prod |   at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) [spring-web-5.2.9.RELEASE.jar:5.2.9.REL
46. EASE]
47. dhis2-web-prod-prod |   at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
48. dhis2-web-prod-prod |   at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
49. dhis2-web-prod-prod |   at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
50. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.58]
51. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.58]
52. dhis2-web-prod-prod |   at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) [spring-web-5.2.9.RELEASE.jar:5.2.9.REL
53. EASE]
54. dhis2-web-prod-prod |   at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
55. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.58]
56. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.58]
57. dhis2-web-prod-prod |   at org.springframework.orm.hibernate5.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:156) [spring-orm-5.2.9.RELEASE.j
58. ar:5.2.9.RELEASE]
59. dhis2-web-prod-prod |   at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119) [spring-web-5.2.9.RELEASE.jar:5.2.9.RELEASE]
60. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) [catalina.jar:9.0.58]
61. dhis2-web-prod-prod |   at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) [catalina.jar:9.0.58]
62. dhis2-web-prod-prod |   at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) [catalina.jar:9.0.58]
63. dhis2-web-prod-prod |   at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) [catalina.jar:9.0.58]
64. dhis2-web-prod-prod |   at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540) [catalina.jar:9.0.58]
65. dhis2-web-prod-prod |   at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) [catalina.jar:9.0.58]
66. dhis2-web-prod-prod |   at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [catalina.jar:9.0.58]
67. dhis2-web-prod-prod |   at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687) [catalina.jar:9.0.58]
68. dhis2-web-prod-prod |   at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) [catalina.jar:9.0.58]
69. dhis2-web-prod-prod |   at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:359) [catalina.jar:9.0.58]
70. dhis2-web-prod-prod |   at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) [tomcat-coyote.jar:9.0.58]
71. dhis2-web-prod-prod |   at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) [tomcat-coyote.jar:9.0.58]
72. dhis2-web-prod-prod |   at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:889) [tomcat-coyote.jar:9.0.58]
73. dhis2-web-prod-prod |   at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1735) [tomcat-coyote.jar:9.0.58]
74. dhis2-web-prod-prod |   at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:9.0.58]
75. dhis2-web-prod-prod |   at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-util.jar:9.0.58]
76. dhis2-web-prod-prod |   at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-util.jar:9.0.58]
77. dhis2-web-prod-prod |   at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:9.0.58]
78. dhis2-web-prod-prod |   at java.lang.Thread.run(Unknown Source) [?:?]
79. dhis2-web-prod-prod | Caused by: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext e
80. rror, data 52e, v2580]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext er
81. ror, data 52e, v2580]
82. dhis2-web-prod-prod |   at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:191) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
83. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:362) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.
84. 3.4.RELEASE]
85. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:146) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3
86. .4.RELEASE]
87. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:165) ~[spring-ldap-core-2.3.4.RELEASE.j
88. ar:2.3.4.RELEASE]
89. dhis2-web-prod-prod |   at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:802) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
90. dhis2-web-prod-prod |   at org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForSingleEntry(SpringSecurityLdapTemplate.java:260) ~[spring-security-ldap-5.4
91. .7.jar:5.4.7]
92. dhis2-web-prod-prod |   at org.springframework.security.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:100) ~[spring-security-ldap-5.4.7
93. .jar:5.4.7]
94. dhis2-web-prod-prod |   at org.springframework.security.ldap.authentication.BindAuthenticator.authenticate(BindAuthenticator.java:82) ~[spring-security-ldap-5.4.7.jar:5.4.7
95. ]
96. dhis2-web-prod-prod |   at org.hisp.dhis.security.ldap.authentication.DhisBindAuthenticator.authenticate(DhisBindAuthenticator.java:74) ~[dhis-service-core-2.35.12.jar:?]
97. dhis2-web-prod-prod |   at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:174) ~[spring-securi
98. ty-ldap-5.4.7.jar:5.4.7]
99. dhis2-web-prod-prod |   ... 59 more
100. dhis2-web-prod-prod | Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 5
101. 2e, v2580]
102. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source) ~[?:?]
103. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) ~[?:?]
104. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) ~[?:?]
105. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source) ~[?:?]
106. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source) ~[?:?]
107. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(Unknown Source) ~[?:?]
108. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source) ~[?:?]
109. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source) ~[?:?]
110. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source) ~[?:?]
111. dhis2-web-prod-prod |   at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source) ~[?:?]
112. dhis2-web-prod-prod |   at javax.naming.spi.NamingManager.getInitialContext(Unknown Source) ~[?:?]
113. dhis2-web-prod-prod |   at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source) ~[?:?]
114. dhis2-web-prod-prod |   at javax.naming.InitialContext.init(Unknown Source) ~[?:?]
115. dhis2-web-prod-prod |   at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source) ~[?:?]
116. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:42) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3
117. .4.RELEASE]
118. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:350) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.
119. 3.4.RELEASE]
120. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:146) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3
121. .4.RELEASE]
122. dhis2-web-prod-prod |   at org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:165) ~[spring-ldap-core-2.3.4.RELEASE.j
123. ar:2.3.4.RELEASE]
124. dhis2-web-prod-prod |   at org.springframework.ldap.core.LdapTemplate.executeReadOnly(LdapTemplate.java:802) ~[spring-ldap-core-2.3.4.RELEASE.jar:2.3.4.RELEASE]
125. dhis2-web-prod-prod |   at org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForSingleEntry(SpringSecurityLdapTemplate.java:260) ~[spring-security-ldap-5.4.7.jar:5.4.7]
126. dhis2-web-prod-prod |   at org.springframework.security.ldap.search.FilterBasedLdapUserSearch.searchForUser(FilterBasedLdapUserSearch.java:100) ~[spring-security-ldap-5.4.7.jar:5.4.7]
127. dhis2-web-prod-prod |   at org.springframework.security.ldap.authentication.BindAuthenticator.authenticate(BindAuthenticator.java:82) ~[spring-security-ldap-5.4.7.jar:5.4.7]
128. dhis2-web-prod-prod |   at org.hisp.dhis.security.ldap.authentication.DhisBindAuthenticator.authenticate(DhisBindAuthenticator.java:74) ~[dhis-service-core-2.35.12.jar:?]
129. dhis2-web-prod-prod |   at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:174) ~[spring-security-ldap-5.4.7.jar:5.4.7]
130. dhis2-web-prod-prod |   ... 59 more
131.