TLS simple authentication fails to read the context environment

I am attempting to authenticate to an OpenLDAP server using TLS. I followed the example at http://java.sun.com/products/jndi/tutorial/ldap/ext/starttls.html. My test case worked fine, but when implementing the same (or similar) code in the real thing it did not work. No errors were encountered, so I am assuming it is taking the default of Context.SECURITY_AUTHENTICATION, "none", and not reading/recognizing the "connection.addToEnvironment" statements after the "tls.negotiate();" line. Here is the code that I am working with. I would appreciate any help; thanks in advance.

    protected final LdapContext connect(final String bindDn, final String bindPassword) {
        LdapContext connection = null;
        traceBegin();
        try {
            Hashtable<String, Object> hashtable = new Hashtable<String, Object>(11);
            hashtable.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put(Context.PROVIDER_URL, url);
            // no SECURITY_* properties yet: the initial context is opened anonymously
            connection = new InitialLdapContext(hashtable, null);

            trace("Initiating TLS communication with LDAP directory (url='" + url + "')...");
            StartTlsResponse tls = (StartTlsResponse) connection.extendedOperation(new StartTlsRequest());
            tls.negotiate();

            // credentials are placed in the environment only after the channel is encrypted
            connection.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
            connection.addToEnvironment(Context.SECURITY_PRINCIPAL, bindDn);
            connection.addToEnvironment(Context.SECURITY_CREDENTIALS, bindPassword);
            if (secured) {
                connection.addToEnvironment(Context.SECURITY_PROTOCOL, "ssl");
            }

            trace("Connecting to the LDAP directory (url='" + url + "', username='" + bindDn + "')...");
            setConnectError(CONNECT_SUCCESS);
            trace("Connection succeeded.");
            traceEnd("ok");
            return connection;
        } catch (AuthenticationException e) {
            trace("Connection failed: " + e.getMessage());
            setConnectError(CONNECT_NOAUTH);
        } catch (NamingException e) {
            Log.warn("Could not connect to \"" + url + "\"");
            trace("Connection failed: '" + e.getMessage() + "'");
            setConnectError(CONNECT_FAILURE);
        } catch (IOException e) {
            // thrown by tls.negotiate()
            trace("Connection failed: '" + e.getMessage() + "'");
            //e.printStackTrace();
            setConnectError(CONNECT_FAILURE);
        }

        // connection failed, but try to close the connection anyway
        if (connection != null) {
            try {
                trace("Closing LDAP connection...");
                connection.close();
            } catch (NamingException e2) {
                Log.warn("Could not close LDAP connection.");
            }
        }
        traceEnd("null");
        return null;
    }

By samoanbroa at 2007-10-2 20:21:01
# 1

Found a fix: added a call to the LdapContext.reconnect() method. Although it works, it would seem there is unnecessary overhead since it has to bind twice.

    StartTlsResponse tls = (StartTlsResponse) connection.extendedOperation(new StartTlsRequest());
    tls.negotiate();
    connection.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
    connection.addToEnvironment(Context.SECURITY_PRINCIPAL, bindDn);
    connection.addToEnvironment(Context.SECURITY_CREDENTIALS, bindPassword);
    connection.reconnect(null); // new line: performs the simple bind over the TLS-protected connection

samoanbroa at 2007-7-13 23:03:27
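The fix from the reply, carried through as a complete, added example (this is not the poster's code and not part of the original thread). The security point the thread brushes past: addToEnvironment() only updates the stored environment of an already-open LdapContext, so the first version never sent a bind request at all and silently handed back a context that was still anonymous, which is why no AuthenticationException appeared. The example below keeps credentials out of the initial (cleartext) connect, negotiates StartTLS with the JDK's default certificate and hostname verification, binds with reconnect(null), and then confirms with an RFC 4532 "Who am I?" extended operation (OID 1.3.6.1.4.1.4203.1.11.3, which OpenLDAP supports) that the server really sees an authenticated identity. The class name StartTlsBind, the helper WhoAmIRequest and the connect()/whoAmI() methods are my own; treating the extended-response bytes as the raw authzId string is an assumption based on how the JDK provider hands the value to createExtendedResponse. Note that Context.SECURITY_PROTOCOL = "ssl" means ldaps (TLS from the first byte) and cannot be combined with StartTLS on the same connection, so it is deliberately absent here.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Hashtable;

import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.ExtendedRequest;
import javax.naming.ldap.ExtendedResponse;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

/** Added example: StartTLS first, simple bind second, then verify who the server thinks we are. */
public final class StartTlsBind {

    /** RFC 4532 "Who am I?" request; the response value is the authzId (empty when anonymous). */
    static final class WhoAmIRequest implements ExtendedRequest {
        static final String OID = "1.3.6.1.4.1.4203.1.11.3";
        public String getID() { return OID; }
        public byte[] getEncodedValue() { return null; }          // the request carries no value
        public ExtendedResponse createExtendedResponse(String id, byte[] berValue, int offset, int length) {
            // assumption: the provider passes the octet-string contents, i.e. the authzId bytes
            final byte[] value = new byte[length];
            if (berValue != null && length > 0) System.arraycopy(berValue, offset, value, 0, length);
            return new ExtendedResponse() {
                public String getID() { return OID; }
                public byte[] getEncodedValue() { return value; }
            };
        }
    }

    /** Ask the directory for the authorization identity of this connection ("" means anonymous). */
    static String whoAmI(LdapContext ctx) throws NamingException {
        ExtendedResponse res = ctx.extendedOperation(new WhoAmIRequest());
        byte[] value = res.getEncodedValue();
        return value == null ? "" : new String(value, StandardCharsets.UTF_8);
    }

    /**
     * Returns a context that is both TLS-protected and bound as bindDn, or throws.
     * url must be a plain ldap:// URL (StartTLS cannot be layered on an ldaps:// socket).
     */
    public static LdapContext connect(String url, String bindDn, char[] bindPassword)
            throws NamingException, IOException {
        Hashtable<String, Object> env = new Hashtable<String, Object>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        // No SECURITY_* properties here on purpose: nothing secret may travel before TLS is up.

        LdapContext ctx = new InitialLdapContext(env, null);
        StartTlsResponse tls = null;
        boolean tlsUp = false, ok = false;
        try {
            tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
            // Default negotiate() uses the JSSE default trust store and checks the server
            // hostname against the certificate; do not install a permissive HostnameVerifier.
            tls.negotiate();
            tlsUp = true;

            // These calls only change the stored environment of an open context...
            ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, bindDn);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, bindPassword);
            // ...and this is what actually sends the bind, now inside the TLS session.
            ctx.reconnect(null);

            // Do not trust the absence of an exception: ask the server who it thinks we are.
            String authzId = whoAmI(ctx);
            if (authzId.isEmpty()) {
                throw new AuthenticationException("server still treats this connection as anonymous");
            }
            ok = true;
            return ctx;
        } finally {
            if (!ok) {
                // tear down a half-built context so an anonymous or unencrypted one cannot leak out
                if (tlsUp) { try { tls.close(); } catch (IOException ignored) { } }
                try { ctx.close(); } catch (NamingException ignored) { }
            }
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: StartTlsBind ldap://host:389 <bindDn> <password>");
            System.exit(2);
        }
        LdapContext ctx = connect(args[0], args[1], args[2].toCharArray());
        System.out.println("bound as: " + whoAmI(ctx));
        ctx.close();
    }
}
```

The whoAmI() check is the part worth keeping even if the rest is folded into existing code: it turns "no exception was thrown" into "the server confirmed the identity", and it would have flagged the original problem immediately instead of leaving the application running on an anonymous connection. A wrong password still surfaces as AuthenticationException from reconnect(null), so both failure modes end up in the same catch block as before.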