InitialContext - LDAP properties

Garlapati Ravi
Ranch Hand

Joined: Mar 05, 2008
Posts: 168
Hi All,

I need a clarification on the InitialContext properties:

weblogic.jndi.Environment env = new weblogic.jndi.Environment();
env.setProviderUrl(jndi_url);
System.setProperty("weblogic.StdoutDebugEnabled", rb.getString("Debug.StdoutDebugEnabled"));
InputStream key = new FileInputStream(rb.getString("SSL.KeyStore.Key"));
InputStream cert = new FileInputStream(rb.getString("SSL.KeyStore.Cert"));
env.setSSLClientCertificate(new InputStream[] {key, cert});
env.setSSLClientKeyPassword(rb.getString("SSL.KeyStore.KeyPassword"));
Context ctx = env.getInitialContext();

I am converting the above code to be vendor neutral (removing the WebLogic-related stuff):

Hashtable props = new Hashtable();
props.put(Context.PROVIDER_URL,jndi_url);
props.put(Context.SECURITY_PRINCIPAL,rb.getString("SSL.KeyStore.Cert")); // ERROR, it's failing here
props.put(Context.SECURITY_CREDENTIALS,rb.getString("SSL.KeyStore.KeyPassword"));
Context ctx = new InitialContext(props);


Here I don't understand one thing: in the first part of the code, they are passing the key and cert values to the setSSLClientCertificate method. In the second part of the code, do I need to pass those values to any method? I did some reading on this; we need to pass user-related information in the SECURITY_PRINCIPAL constant. What does it look like?

Now my question is, can we reuse the key/cert, or do I need to have an entirely new set of code? Requesting you to clarify.

Thanks,
Kumar


Ravi Kumar
SCWCD 5 - 89%, SCJP 1.4 - 90%
Freddy Wong
Ranch Hand

Joined: Sep 11, 2006
Posts: 959

You got it wrong. The CONTEXT_SECURITY_PRINCIPAL will be for the user or bind DN and the SECURITY_CREDENTIALS will be for the password to connect to the LDAP. To use SSL as the communication protocol, you just need to set the system properties, e.g.
-Djavax.net.ssl.keyStore=MyKeystoreFile -Djavax.net.ssl.keyStorePassword=mysecret

For more info, you can read this

Hope this helps.


SCJP 5.0, SCWCD 1.4, SCBCD 1.3, SCDJWS 1.4
Garlapati Ravi
Ranch Hand

Joined: Mar 05, 2008
Posts: 168
Thanks Freddy, the link you provided is not working; could you please send the correct one?
Where do we need to set the system properties?
Freddy Wong
Ranch Hand

Joined: Sep 11, 2006
Posts: 959

OK. Fixed the link. You can specify it programmatically by using


Or you can add the Java option in startWebLogic.sh, e.g.
java -Djavax.net.ssl.keyStore=keystore.jks -Djavax.net.ssl.keyStorePassword=password
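
Added example (not code from either poster): the vendor-neutral setup described in the replies above, with the bind DN and password in the JNDI environment and the key store supplied through the javax.net.ssl system properties. The class name, the environment variable names and the keystore.jks path are assumptions; com.sun.jndi.ldap.LdapCtxFactory is the JDK's built-in LDAP provider.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;

public class LdapsContextExample {

    // Vendor-neutral JNDI environment for a simple bind over LDAPS.
    static Hashtable<String, String> ldapsEnv(String url, String bindDn, String password) {
        if (!url.startsWith("ldaps://")) {
            // A simple bind sends the password as-is, so insist on the SSL scheme.
            throw new IllegalArgumentException("expected an ldaps:// URL, got " + url);
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);     // user / bind DN, not a certificate path
        env.put(Context.SECURITY_CREDENTIALS, password); // that user's LDAP password
        return env;
    }

    // Read a secret from the environment so it is not hard-coded (variable names are assumptions).
    static String requireEnv(String name) {
        String value = System.getenv(name);
        if (value == null || value.isEmpty()) {
            throw new IllegalStateException("environment variable " + name + " is not set");
        }
        return value;
    }

    public static void main(String[] args) throws NamingException {
        if (args.length != 2) {
            System.err.println("usage: java LdapsContextExample <ldaps-url> <bind-dn>");
            return;
        }
        // Programmatic form of -Djavax.net.ssl.keyStore=...; set before the first SSL connection.
        // keystore.jks (assumed path) holds the client's private key and certificate.
        System.setProperty("javax.net.ssl.keyStore", "keystore.jks");
        System.setProperty("javax.net.ssl.keyStorePassword", requireEnv("KEYSTORE_PASSWORD"));

        Context ctx = new InitialContext(ldapsEnv(args[0], args[1], requireEnv("LDAP_PASSWORD")));
        try {
            System.out.println("Bound to " + args[0] + " as " + args[1]);
        } finally {
            ctx.close();
        }
    }
}
```

The server's certificate is checked against the JVM's default trust store unless javax.net.ssl.trustStore is also set.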
Garlapati Ravi
Ranch Hand

Joined: Mar 05, 2008
Posts: 168
Freddy,
I think I got you up to some extent, but I am still missing some concept. I read that material; maybe it is because of confusion.

1) You have specified the .jks file and password, but I need to pass user information as well to get the InitialContext object. Ultimately I am looking for an InitialContext object using SSL.
2) I have 2 more files, CERTIFICATE (.pem) and PRIVATE KEY (.key); do I need them any more?

Could you please clarify.