FAQ Google Apps for Crowd

Owned by Paweł Darmofalski (Unlicensed)
Last updated: 2016-12-19 by Former user (Deleted)
2 min read

Click on the links to expand panels and see answers.

 Too much logging from Google libraries
Due to a problem with Google libraries, pl.craftware.shaded.com.google.api.client.http.HttpTransport logger produces too much data. If this is a problem for you, you can disable it with:

 

log4j.logger.pl.craftware.shaded.com.google.api.client.http.HttpTransport=OFF
added to log4j.properties.
 java.net.SocketTimeoutException: Read timed outClick here to expand...

Increasing value of google.apps.batchRequestReadTimeout helps.

 java.net.SocketTimeoutException: Connection refused: connect

This error probably means that you're behind a proxy and need to configure it. Use -DsocksProxyHost (it has to be a SOCKS5 proxy, HTTP proxies won't work) or use a proxifier.

 'javax.mail.MessagingException: Connection timed out' during user login

This error means that probably IMAPS port isn't open correctly on firewalls, so the plugin can't access it. 

 'Invalid password' or similar error during user login

The user may get this error if they enabled 2-step verification. Then instead of using their Google password, they should use per-application passwords.

 403 Forbidden (...) "User Rate Limit Exceeded"
com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden 
{ 
	"code" : 403, 
	"errors" : [ { "domain" : "usageLimits", "message" : "User Rate Limit Exceeded", "reason" : "userRateLimitExceeded" } ], 
	"message" : "User Rate Limit Exceeded" 
}
For security reasons, Google Directory API has usage limits equal by default 15 requests per second. Sometimes it's too little, to change it:
  • Go to Google Developers Console > Your project > APIs & auth > APIs > Admin SDK > Quotas;
  • Find Quota summary > Per user limit and click Change;
  • Enter the new value (eg 1000) and click Change.
 403 Forbidden (...) "Daily Limit Exceeded"
com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden 
{ 
	"code" : 403, 
	"errors" : [ { "domain" : "usageLimits", "message" : "Daily Limit Exceeded", "reason" : "dailyLimitExceeded" } ], 
	"message" : "Daily Limit Exceeded" 
}
For security reasons, Google Directory API also has usage limits equal by 150000 requests per day. If it's too little for you can change directory.cache.synchronise.interval or ask Google for more in Google Developers Console Your project > APIs & auth > APIs > Admin SDK > QuotasApply for higher quota.
 Other 401 or 403 HTTP error

This probably means that you missed some step during Google Apps domain configuration. Sometimes 403 Forbidden mean that your user (given in attributes field google.apps.admin.email hasn't enough permission in Google service to get information about groups, users etc).

 400 Bad Request (...) "invalid_grant"Click here to expand...
com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
{
  "error" : "invalid_grant"
}

This error may mean many problems, but most likely the system date/time on the computer Crowd server is running on is set incorrectly (Google uses it to improve security of access tokens):

  • fix the date/time;
  • restart Crowd (many parts of it and the plugin may depend current date/time).
To prevent such problems in the future, use NTP time synchronization. It's very likely that time synchronization is already enabled on that computer, but some proxy or firewall blocks access to NTP.
 Other problems and questions?

Try checking the logs first. If that doesn't help, please contact us at http://www.craftware.biz/en > Contact. Don't forget to add the important snippets of the logs to your message.