my dog learned polymorphism*
The moose likes Java in General and the fly likes eDirectory authentication using SSL Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Java in General
Bookmark "eDirectory authentication using SSL" Watch "eDirectory authentication using SSL" New topic
Author

eDirectory authentication using SSL

Swosti Dipan Pal
Ranch Hand

Joined: Sep 23, 2005
Posts: 70
I have used the following code to authenticate to the eDirectory server using the 389 port. However, when I am using the 636 (secured port) it is throwing error. Please help me to know the source of error and solution to this issue.


Hashtable env = new Hashtable();

env.put(Context.SECURITY_AUTHENTICATION, "simple");

env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
//env.put(Context.PROVIDER_URL,"ldap://208.53.52.78:389/dc=dblab,dc=lab");
env.put(Context.PROVIDER_URL,
defaultProps.getProperty("PROVIDER_URL"));
/*env.put(Context.SECURITY_PRINCIPAL,
defaultProps.getProperty("SECURITY_PRINCIPAL"));
env.put(Context.SECURITY_CREDENTIALS, defaultProps.getProperty("SECURITY_CREDENTIALS"));*/
//String userName="CN="+logon+",CN=Users,DC=dblab,DC=lab";
String userName="CN="+logon+",o=SAMS";
env.put(Context.SECURITY_PRINCIPAL,userName);
env.put(Context.SECURITY_CREDENTIALS,pwd);


Thanks<br />-Swosti
Ilja Preuss
author
Sheriff

Joined: Jul 11, 2001
Posts: 14112
That code is just filling a hashtable - what does the code look like that is doing the actual connection to the server?

And what *exact* error do you get?


The soul is dyed the color of its thoughts. Think only on those things that are in line with your principles and can bear the light of day. The content of your character is your choice. Day by day, what you do is who you become. Your integrity is your destiny - it is the light that guides your way. - Heraclitus
Swosti Dipan Pal
Ranch Hand

Joined: Sep 23, 2005
Posts: 70
I am using the InitialDirContext.I am passing the hashtable values to this constructor. I am n't using any connection ? Is there any need of it ?

DirContext ctx = new InitialDirContext(env);

The error which I am getting is given below.

>>>>> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,356 INFO [STDOUT] >>>>> simple bind failed: 208.53.52.78:6362
11:15:30,356 ERROR [STDERR] javax.naming.CommunicationException: simple bind failed: 208.53.52.78:6362 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
11:15:30,357 ERROR [STDERR] at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:197)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2637)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
11:15:30,358 ERROR [STDERR] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.init(InitialContext.java:223)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.<init>(InitialContext.java:197)
11:15:30,358 ERROR [STDERR] at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
11:15:30,358 ERROR [STDERR] at com.dbridge.ldap.ldap.getAllPersonNames(ldap.java:69)
11:15:30,358 ERROR [STDERR] at org.apache.jsp.html.helloWorld_jsp._jspService(helloWorld_jsp.java:77)
11:15:30,358 ERROR [STDERR] at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
11:15:30,358 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
11:15:30,358 ERROR [STDERR] at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332)
11:15:30,359 ERROR [STDERR] at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
11:15:30,359 ERROR [STDERR] at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
11:15:30,359 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
11:15:30,359 ERROR [STDERR] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
11:15:30,359 ERROR [STDERR] at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
11:15:30,359 ERROR [STDERR] at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
11:15:30,360 ERROR [STDERR] at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
11:15:30,360 ERROR [STDERR] at java.lang.Thread.run(Thread.java:595)
11:15:30,360 ERROR [STDERR] Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:737)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.read1(BufferedInputStream.java:256)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.read(BufferedInputStream.java:313)
11:15:30,361 ERROR [STDERR] at com.sun.jndi.ldap.Connection.run(Connection.java:784)
11:15:30,361 ERROR [STDERR] ... 1 more
11:15:30,361 ERROR [STDERR] Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,361 ERROR [STDERR] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
11:15:30,362 ERROR [STDERR] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
11:15:30,362 ERROR [STDERR] at sun.security.validator.Validator.validate(Validator.java:203)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
11:15:30,362 ERROR [STDERR] ... 12 more
11:15:30,362 ERROR [STDERR] Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,362 ERROR [STDERR] at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
11:15:30,362 ERROR [STDERR] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
11:15:30,362 ERROR [STDERR] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
11:15:30,362 ERROR [STDERR] ... 17 more
Swosti Dipan Pal
Ranch Hand

Joined: Sep 23, 2005
Posts: 70
I found a solution to it. Thanks.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: eDirectory authentication using SSL