cannot connect to LDAP through JNDI

christine clarin
Ranch Hand

Joined: Feb 05, 2005
Posts: 106
Hello,

I'm using JNDI to connect to our LDAP server and get the list (I just need to print it out) of organizational units. I am following the tutorial from here, but I'm still getting this error (the code that I ended up with is the filter search below):



Is it because the port is 636 and I should use ldaps, and binding is through SSL encryption? Or do I have an error in the code below, particularly in doFilterSearch()? Is the term 'organizationalunit' general for LDAP schemas? Do I get what I want in here, i.e., ou? Please help, I'm not really sure how to go about this and I just need to simply connect and I'm OK already... Thank you, thank you very much in advance.




Joanne Neal
Rancher

Joined: Aug 05, 2005
Posts: 3669
    
  15
Port 636 is the default LDAP SSL port, so yes you probably are trying to connect over SSL.
Try adding
env.put(Context.SECURITY_PROTOCOL, "ssl");
in your getDirContext method.

You also need to make sure you have your certificates set up correctly.

If possible I would try to get the program working on the non-LDAP port (389 by default) first and then add SSL support.

A useful thing to do when trying to debug an SSL connection is add
-Djavax.net.debug=ssl
to your command line. This will produce a whole load of debug information about the SSL handshake which may give you more information about the problem.

Wireshark is also a useful tool for debugging any comms-related problems.


Joanne
christine clarin
Ranch Hand

Joined: Feb 05, 2005
Posts: 106
Thank you for this. Should I also put this instead (put ldaps:// instead of just ldap://):



What's the difference between:

and

??

Because I used the first one and made use of ldaps://hostname:636, but I'm still getting connection timed out. Help! I really don't know how else to fix this.

Thank you!
Joanne Neal
Rancher

Joined: Aug 05, 2005
Posts: 3669
    
  15
Context.SECURITY_AUTHENTICATION describes how the user will be authenticated. Use "simple" if you want to use user name and password authentication.

Context.SECURITY_PROTOCOL describes how data will be transmitted between the client and server. Default is plaintext. Use "ssl" if you want to encrypt the comms.

Debugging SSL is not for the faint-hearted. You usually need to take a look at what is happening between the client and server using a wire sniffer like Wireshark or logging the SSL handshake (or both).
Have you got it working on a non-SSL connection yet? This is definitely the first step.
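
As an added example (not code posted by either participant in this thread), here is one way the settings discussed above fit together when listing organizational units over LDAPS. The class name LdapsOuList, the LDAP_BIND_PW environment variable and the 5-second timeouts are assumptions; the refusal to bind over a non-ldaps:// URL is an added safeguard, because a "simple" bind sends the password unencrypted on a plaintext connection.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapsOuList {
    // Build the JNDI environment. A "simple" bind sends the password as-is,
    // so this helper only allows it when the URL scheme is ldaps://.
    static Hashtable<String, String> buildEnv(String url, String bindDn, String password) {
        if (!url.toLowerCase().startsWith("ldaps://")) {
            throw new IllegalArgumentException("simple bind refused over non-SSL URL: " + url);
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);                 // e.g. ldaps://hostname:636
        env.put(Context.SECURITY_PROTOCOL, "ssl");          // how data is transmitted
        env.put(Context.SECURITY_AUTHENTICATION, "simple"); // how the user is authenticated
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        // Fail fast instead of hanging until "connection timed out" (milliseconds).
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");
        env.put("com.sun.jndi.ldap.read.timeout", "5000");
        return env;
    }

    public static void main(String[] args) throws NamingException {
        String pw = System.getenv("LDAP_BIND_PW"); // assumed variable name; keeps the password off argv
        if (args.length != 3 || pw == null) {
            System.err.println("usage: LDAP_BIND_PW=... LdapsOuList <ldaps-url> <base-dn> <bind-dn>");
            return;
        }
        DirContext ctx = new InitialDirContext(buildEnv(args[0], args[2], pw));
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            sc.setReturningAttributes(new String[] {"ou"});
            NamingEnumeration<SearchResult> results =
                ctx.search(args[1], "(objectClass=organizationalUnit)", sc);
            while (results.hasMore()) {
                System.out.println(results.next().getNameInNamespace());
            }
        } finally {
            ctx.close();
        }
    }
}
```

Run it with -Djavax.net.debug=ssl, as suggested above, to see the handshake; the server's certificate must chain to a CA in the JVM truststore (for example one supplied with -Djavax.net.ssl.trustStore) for the connection to succeed.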
 