JavaRanch » Java Forums »
Java »
Java in General
| Author |
eDirectory authentication using SSL
|
Swosti Dipan Pal
Ranch Hand
Joined: Sep 23, 2005
Posts: 70
|
|
I have used the following code to authenticate to the eDirectory server using the 389 port. However, when I am using the 636 (secured port) it is throwing error. Please help me to know the source of error and solution to this issue.
Hashtable env = new Hashtable();
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
//env.put(Context.PROVIDER_URL,"ldap://208.53.52.78:389/dc=dblab,dc=lab");
env.put(Context.PROVIDER_URL,
defaultProps.getProperty("PROVIDER_URL"));
/*env.put(Context.SECURITY_PRINCIPAL,
defaultProps.getProperty("SECURITY_PRINCIPAL"));
env.put(Context.SECURITY_CREDENTIALS, defaultProps.getProperty("SECURITY_CREDENTIALS"));*/
//String userName="CN="+logon+",CN=Users,DC=dblab,DC=lab";
String userName="CN="+logon+",o=SAMS";
env.put(Context.SECURITY_PRINCIPAL,userName);
env.put(Context.SECURITY_CREDENTIALS,pwd);
|
Thanks<br />-Swosti
|
 |
Ilja Preuss
author
Sheriff
Joined: Jul 11, 2001
Posts: 14112
|
|
That code is just filling a hashtable - what does the code look like that is doing the actual connection to the server?
And what *exact* error do you get?
|
The soul is dyed the color of its thoughts. Think only on those things that are in line with your principles and can bear the light of day. The content of your character is your choice. Day by day, what you do is who you become. Your integrity is your destiny - it is the light that guides your way. - Heraclitus
|
|
Swosti Dipan Pal
Ranch Hand
Joined: Sep 23, 2005
Posts: 70
|
|
I am using the InitialDirContext.I am passing the hashtable values to this constructor. I am n't using any connection ? Is there any need of it ?
DirContext ctx = new InitialDirContext(env);
The error which I am getting is given below.
>>>>> javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,356 INFO [STDOUT] >>>>> simple bind failed: 208.53.52.78:6362
11:15:30,356 ERROR [STDERR] javax.naming.CommunicationException: simple bind failed: 208.53.52.78:6362 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
11:15:30,357 ERROR [STDERR] at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:197)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2637)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
11:15:30,358 ERROR [STDERR] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
11:15:30,358 ERROR [STDERR] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.init(InitialContext.java:223)
11:15:30,358 ERROR [STDERR] at javax.naming.InitialContext.<init>(InitialContext.java:197)
11:15:30,358 ERROR [STDERR] at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
11:15:30,358 ERROR [STDERR] at com.dbridge.ldap.ldap.getAllPersonNames(ldap.java:69)
11:15:30,358 ERROR [STDERR] at org.apache.jsp.html.helloWorld_jsp._jspService(helloWorld_jsp.java:77)
11:15:30,358 ERROR [STDERR] at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
11:15:30,358 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
11:15:30,358 ERROR [STDERR] at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332)
11:15:30,359 ERROR [STDERR] at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
11:15:30,359 ERROR [STDERR] at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
11:15:30,359 ERROR [STDERR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
11:15:30,359 ERROR [STDERR] at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
11:15:30,359 ERROR [STDERR] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
11:15:30,359 ERROR [STDERR] at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
11:15:30,359 ERROR [STDERR] at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
11:15:30,359 ERROR [STDERR] at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
11:15:30,360 ERROR [STDERR] at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
11:15:30,360 ERROR [STDERR] at java.lang.Thread.run(Thread.java:595)
11:15:30,360 ERROR [STDERR] Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:737)
11:15:30,360 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.read1(BufferedInputStream.java:256)
11:15:30,360 ERROR [STDERR] at java.io.BufferedInputStream.read(BufferedInputStream.java:313)
11:15:30,361 ERROR [STDERR] at com.sun.jndi.ldap.Connection.run(Connection.java:784)
11:15:30,361 ERROR [STDERR] ... 1 more
11:15:30,361 ERROR [STDERR] Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,361 ERROR [STDERR] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:221)
11:15:30,362 ERROR [STDERR] at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:145)
11:15:30,362 ERROR [STDERR] at sun.security.validator.Validator.validate(Validator.java:203)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:172)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(SSLContextImpl.java:320)
11:15:30,362 ERROR [STDERR] at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:841)
11:15:30,362 ERROR [STDERR] ... 12 more
11:15:30,362 ERROR [STDERR] Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
11:15:30,362 ERROR [STDERR] at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:236)
11:15:30,362 ERROR [STDERR] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:194)
11:15:30,362 ERROR [STDERR] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:216)
11:15:30,362 ERROR [STDERR] ... 17 more
|
|
Swosti Dipan Pal
Ranch Hand
Joined: Sep 23, 2005
Posts: 70
|
|
|
I found a solution to it. Thanks.
|
|
 |
|
|
subject: eDirectory authentication using SSL
|
|
|
|
0
