This week's book giveaway is in the Java in General forum.
We're giving away four copies of Think Java: How to Think Like a Computer Scientist and have Allen B. Downey & Chris Mayfield on-line!
See this thread for details.
Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

eDirectory authentication using SSL

 
Swosti Dipan Pal
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have used the following code to authenticate to the eDirectory server using the 389 port. However, when I am using the 636 (secured port) it is throwing error. Please help me to know the source of error and solution to this issue.


Hashtable env = new Hashtable();

env.put(Context.SECURITY_AUTHENTICATION, "simple");

env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
//env.put(Context.PROVIDER_URL,"ldap://208.53.52.78:389/dc=dblab,dc=lab");
env.put(Context.PROVIDER_URL,
defaultProps.getProperty("PROVIDER_URL"));
/*env.put(Context.SECURITY_PRINCIPAL,
defaultProps.getProperty("SECURITY_PRINCIPAL"));
env.put(Context.SECURITY_CREDENTIALS, defaultProps.getProperty("SECURITY_CREDENTIALS"));*/
//String userName="CN="+logon+",CN=Users,DC=dblab,DC=lab";
String userName="CN="+logon+",o=SAMS";
env.put(Context.SECURITY_PRINCIPAL,userName);
env.put(Context.SECURITY_CREDENTIALS,pwd);
 
Ilja Preuss
author
Sheriff
Posts: 14112
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That code is just filling a hashtable - what does the code look like that is doing the actual connection to the server?

And what *exact* error do you get?
 
Swosti Dipan Pal
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am using the InitialDirContext.I am passing the hashtable values to this constructor. I am n't using any connection ? Is there any need of it ?

DirContext ctx = new InitialDirContext(env);

The error which I am getting is given below.

>>>>> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,356 INFO [STDOUT] >>>>> simple bind failed: 208.53.52.78:6362
11:15:30,356 ERROR [STDERR] javax.naming.CommunicationException: simple bind failed: 208.53.52.78:6362 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
11:15:30,357 ERROR [STDERR] at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:197)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2637)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
11:15:30,358 ERROR [STDERR] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.init(InitialContext.java:223)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.<init>(InitialContext.java:197)
11:15:30,358 ERROR [STDERR] at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
11:15:30,358 ERROR [STDERR] at com.dbridge.ldap.ldap.getAllPersonNames(ldap.java:69)
11:15:30,358 ERROR [STDERR] at org.apache.jsp.html.helloWorld_jsp._jspService(helloWorld_jsp.java:77)
11:15:30,358 ERROR [STDERR] at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
11:15:30,358 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
11:15:30,358 ERROR [STDERR] at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332)
11:15:30,359 ERROR [STDERR] at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
11:15:30,359 ERROR [STDERR] at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
11:15:30,359 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
11:15:30,359 ERROR [STDERR] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
11:15:30,359 ERROR [STDERR] at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
11:15:30,359 ERROR [STDERR] at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
11:15:30,360 ERROR [STDERR] at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
11:15:30,360 ERROR [STDERR] at java.lang.Thread.run(Thread.java:595)
11:15:30,360 ERROR [STDERR] Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:737)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.read1(BufferedInputStream.java:256)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.read(BufferedInputStream.java:313)
11:15:30,361 ERROR [STDERR] at com.sun.jndi.ldap.Connection.run(Connection.java:784)
11:15:30,361 ERROR [STDERR] ... 1 more
11:15:30,361 ERROR [STDERR] Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,361 ERROR [STDERR] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
11:15:30,362 ERROR [STDERR] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
11:15:30,362 ERROR [STDERR] at sun.security.validator.Validator.validate(Validator.java:203)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
11:15:30,362 ERROR [STDERR] ... 12 more
11:15:30,362 ERROR [STDERR] Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,362 ERROR [STDERR] at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
11:15:30,362 ERROR [STDERR] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
11:15:30,362 ERROR [STDERR] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
11:15:30,362 ERROR [STDERR] ... 17 more
 
Swosti Dipan Pal
Ranch Hand
Posts: 70
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I found a solution to it. Thanks.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic