----- "Felix Schumacher" <felix.schumac...@internetallee.de> wrote:
> On Sun, 15 Aug 2010 21:33:09 +0000 (UTC), Igor Galić
> <i.ga...@brainsware.org> wrote:
> > ----- "Felix Schumacher" <felix.schumac...@internetallee.de> wrote:
> >
> >> Ok, my patch will not work, since new InitialDirContext(env) will
> not
> >> create a LdapContext, but a DirContext. You could try to change
> new
> >> InitialDirContext(env) into InitalLdapContext(env, null) as used
> in
> >> the
> >> sun startssl example.
> I have implemented a InitialContextFactory which does startTLS
> internally.
>
> That factory can be used with the standard JNDIRealm implementation.
> Just
> extend your original Realm with
> <Realm
> ...
> contextFactory="dummy.LdapTlsContextFactory"
> ...
> />
Following your advise, I compiled the source (within the tree) and extended
the configuration to this:
<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionURL="ldap://mail.brainsware.org:389/";
alternateURL="ldap://mail.esotericsystems.at:389";
commonRole="admin" connectionName="uid=whatever"
connectionPassword="securityisgreat."
userBase="ou=people,dc=brainsware,dc=org"
userPattern="(uid={0})(postOfficeBox=internal_projects)"
startTLS="true"
contextFactory="org.apache.naming.factory.LdapTlsContextFactory"
userSearch="(uid={0})" />
The wireshark trace still looks the same.
But the stacktrace is now two:
INFO: Starting Servlet Engine: Apache Tomcat/6.0.0-dev
Aug 16, 2010 10:37:25 PM org.apache.catalina.realm.JNDIRealm open
WARNING: Exception performing authentication
javax.naming.AuthenticationNotSupportedException: [LDAP: error code 13 -
confidentiality required]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3032)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at
com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at
com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at
com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at
javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at
org.apache.naming.factory.LdapTlsContextFactory$ProxyLdapContext.<init>(LdapTlsContextFactory.java:31)
at
org.apache.naming.factory.LdapTlsContextFactory$ProxyLdapContext.<init>(LdapTlsContextFactory.java:25)
at
org.apache.naming.factory.LdapTlsContextFactory.getInitialContext(LdapTlsContextFactory.java:96)
at
javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at
javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at
javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at org.apache.catalina.realm.JNDIRealm.open(JNDIRealm.java:1982)
at org.apache.catalina.realm.JNDIRealm.start(JNDIRealm.java:2087)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1037)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Aug 16, 2010 10:37:26 PM org.apache.catalina.startup.Catalina start
SEVERE: Catalina.start:
LifecycleException: Exception opening directory server connection:
javax.naming.NotContextException: Not an instance of LdapContext
at org.apache.catalina.realm.JNDIRealm.start(JNDIRealm.java:2089)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1037)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:445)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
Aug 16, 2010 10:37:26 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 538 ms
>
> Bye
> Felix
bye,
i
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.ga...@brainsware.org
URL: http://brainsware.org/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
