When trying to login to Clarity configured behind Load Balancer via LDAP credentials, first time login is fine. However if user logs out and open a new tab and try to re-login it fails to login.
Only after clear the browser cache login happens.
Release : 16.1.1
Component: Clarity Users, Groups, OBS Administration
In the logs we see below error, which is causing the issue.
DEBUG 2010-06-09 08:02:32,707 [http-80-Processor12] directory.LDAPDirectoryService (unknown:none:security.loginAction) * logging is not allowed for this action *
DEBUG 2010-06-09 08:02:32,707 [http-80-Processor12]directory.LDAPDirectoryService (unknown:none:security.loginAction) * logging is not allowed for this action *
ERROR 2010-06-09 08:02:32,723 [http-80-Processor12] directory.LDAPDirectoryService (unknown:none:security.loginAction) javax.naming.PartialResultException: Unprocessed Continuation Reference(s);
remaining name 'DC=example,DC=com at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2763)
The cause is that a search user and a group name has been entered in the configuration of NSA, which is resulting in multiple referral.
Check below configuration to resolve the issue
1: Check the user in Clarity have "Use External Authentication" checked
2: Configure either search user or group name but no both (if using search user, do not set group name, uncheck group membership)
The other related thread with similar scenario are listed below