LDAP Authenticator only works the first time after XWiki startup

I found that LDAP authentication only works after XWiki is restarted; the same account cannot log in again after it is logged out. I have captured both the debug log messages and a network capture for the investigation.
fail.log (12.0 KB)
success.log (12.2 KB)

The log files for both the success and failure cases have been uploaded (some credentials have been censored).

I have also attached the LDAP config below:

xwiki.cfg
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.trylocal=1
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.server=192.168.211.111
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=office,dc=company,dc=com
xwiki.authentication.ldap.bind_DN={0}@office.company.com
xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,email=mail
xwiki.authentication.ldap.ssl=0

Unfortunately, the network capture cannot be disclosed due to security policy. I can only sketch both the successful and failed network flows below:

Successful LDAP login:
#1 XWiki -> LDAP server : LDAP bindRequest(1) "username@office.company.com" simple
#2 LDAP server -> XWiki : LDAP bindResponse(1) success
#3 XWiki -> LDAP server : LDAP searchRequest(2) "dc=office,dc=company,dc=com" wholesubtree
#4 LDAP server -> XWiki : LDAP searchResEntry(2) "CN=user name,OU=organization unit name,OU=department,DC=office,DC=company,DC=com" [1 result]
#5 XWiki -> LDAP server : LDAP bindRequest(3) "CN=user name,OU=organization unit name,OU=department,DC=office,DC=company,DC=com" simple
#6 LDAP server -> XWiki : LDAP bindResponse(3) success
#7 XWiki -> LDAP server : LDAP bindRequest(4) "username@office.company.com" simple
#8 LDAP server -> XWiki : LDAP bindResponse(4) success
#9 XWiki -> LDAP server : LDAP unbindRequest(5)
#10 LDAP server -> XWiki : TCP reset

Failed LDAP login:
#1 XWiki -> LDAP server : LDAP bindRequest(1) "username@office.company.com" simple
#2 LDAP server -> XWiki : LDAP bindResponse(1) success
#3 XWiki -> LDAP server : LDAP searchRequest(2) "dc=office,dc=company,dc=com" wholesubtree
#4 LDAP server -> XWiki : LDAP searchResEntry(2) "CN=user name,OU=organization unit name,OU=department,DC=office,DC=company,DC=com" [1 result]
#5 XWiki -> LDAP server : LDAP abandonRequest(2)
#6 LDAP server -> XWiki : TCP reset

In the failed LDAP login, there is an "LDAP abandonRequest" sent to the LDAP server, while it does not exist in the successful login packets.

Any findings about this case will be appreciated, thank you.

Hard to say much. What the fail log indicates is just that the server closed the connection while XWiki was sending a bind message, without any error returned.

I have rebuilt the module with regard to this issue by changing the logic of the class XWikiLDAPAuthServiceImpl; the problem is fixed now.
Thank you for your support.