"Failed to open session to passthru server" after upgrading to windows server 2019

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Member II

"Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Hello,

We have been using alfresco community 5.2 edition with passthru authentication (Single Sign On) via windows server 2008 R2 without any issues. After upgrading to windows server 2019, passthru authentication fails with this exception.

org.alfresco.repo.security.authentication.AuthenticationException: 03291074 Failed to open session to passthru server
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:810)
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:570)
        at sun.reflect.GeneratedMethodAccessor635.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
        at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy132.authenticate(Unknown Source)
        at org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter.processType1(BaseNTLMAuthenticationFilter.java:401)
        at org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter.authenticateRequest(BaseNTLMAuthenticationFilter.java:303)
        at org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter.doFilter(BaseSSOAuthenticationFilter.java:195)
        at sun.reflect.GeneratedMethodAccessor633.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:119)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy218.doFilter(Unknown Source)
        at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:89)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:743)
        at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
        at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:410)
        at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
        at org.apache.jsp.index_jsp._jspService(index_jsp.java:100)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2549)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2538)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:748)

 

1 Solution

Accepted Solutions
Highlighted
Active Member II

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Fixed by installing SMB 1.0/CIFS File Sharing Support

View solution in original post

8 Replies
Highlighted
Alfresco Employee

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Windows 2019 support is only available in Alfresco 6.2.

Software Engineer in Alfresco Search Team.
Highlighted
Active Member II

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Alfresco is setup up on a CentOs machine and is configured to use Passthru authentication with our windows domain.

Users can login to Alfresco web interface with their windows accounts, that means LDAP authentication is fine.

But mapped drives to AOS are broken since the upgrade from Windows server 2008 to 2019.

Highlighted
Active Member II

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

I have not touched anything in alfresco-global.properties. Here's the configuration that used to be working

cifs.enabled=false
cifs.tcpipSMB.port=1445
cifs.netBIOSSMB.sessionPort=1139
cifs.netBIOSSMB.namePort=1137
cifs.netBIOSSMB.datagramPort=1138

authentication.chain=passthru1:passthru,ldap1:ldap-ad,alfrescoNtlm1:alfrescoNtlm

synchronization.autoCreatePeopleOnLogin=false

ntlm.authentication.sso.enabled=true
ntlm.authentication.mapUnknownUserToGuest=false

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=dc1.mycompany.com,dc2.mycompany.com

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@mycompany.com
ldap.authentication.java.naming.provider.url=ldap://dc1.mycompany.com:389

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=ldap_user@mycompany.com
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.groupSearchBase=ou\=Users,dc\=mycompany,dc\=com
ldap.synchronization.userSearchBase=ou\=Users,dc\=mycompany,dc\=com
Highlighted
Active Member II

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Does it have to do anything with SMB 1.0/CIFS File Sharing Support? This feature is not installed by default on Windows server 2019

Highlighted
Community Manager
Community Manager

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Hi @hoomanv,

Windows 2019 support in 6.2 is actually a work in progress. 

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
Highlighted
Active Member II

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Well I'm still on 5.2, not 6.2

I'm not sure if microsoft has decided to drop NTLMv1 authentication on Windows server 2019, otherwise there is nothing I can think of that is preventing NTLM/Passthru authentication to work

Highlighted
Active Member II

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Fixed by installing SMB 1.0/CIFS File Sharing Support

View solution in original post

Highlighted
Community Manager
Community Manager

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Jump to solution

Hi @hoomanv,

Great news that you resolved it - & thanks for reporting how, very useful to other users.

Cheers, 

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!