Im pretty sure its hostname verification errors because once I uploaded the certificate from the host and used that hostname instead of the ip it worked. And it was always the hostname error i would get. I thought the AllowAnyHostnameVerifier would work but not sure how to implement that. I'll try putting the different socket factory in the deployerConfigContext.xml and see what happens. Thanks, Jim
On Mon, Mar 2, 2015 at 6:39 PM, Daniel Fisher <[email protected]> wrote: > On Mon, Mar 2, 2015 at 11:02 AM, Jim Price <[email protected]> > wrote: > >> I'm not really a programmer and need a little guidance. Im guessing that >> ldaptive is brought in by maven as a dependency could you point me in a >> direction in how this could be overwritten or the method replaced. >> > > I'm not sure if you're tripping over trust errors or hostname verification > errors. > Ldaptive injects a custom socket factory if you're using LDAPS to perform > hostname verification. > If you want to change that behavior you can tell JNDI to use a specific > SocketFactory. > This should get you back to the behavior you had before: > > <bean id=“socketFactory” class="org.ldaptive.ssl.TLSSocketFactory” /> > > <bean id=“providerConfig” > class="org.ldaptive.provider.jndi.JndiProviderConfig” > p:sslSocketFactory-ref=“socketFactory” /> > > <bean id=“provider” class="org.ldaptive.provider.jndi.JndiProvider” > p:providerConfig-ref=“providerConfig" /> > > <bean id="connectionFactory" class="org.ldaptive.DefaultConnectionFactory" > p:connectionConfig-ref="connectionConfig" > p:provider-ref=“provider” /> > > --Daniel Fisher > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
