* Mike Langhorst [2006-07-11 06:39:42 -0700]: > My reply to the list seemed to bounce:
Try removing the spurious -request. > Well if it's ssl that's failing, do you have a cert database setup to trust > the ssl certificate of the server? I did add my local CA certificate (the one that signed my LDAP server cert) to JXplorer's cacerts file. That did not solve the problem. I haven't fully researched this yet (it hasn't been a high priority for me), but I believe some extra Java-side configuration is required to make JXplorer use SSL with GSSAPI. This must have been discussed on the mailing list in the past. In principle it's not too bad since GSSAPI has its own way of negotiating integrity and (if desired) confidentiality. (Whether JXplorer may have implementation flaws in this area is another question.) > Not sure how to accomplish this with JXplorer, but unless you have a cert > signed by one of the big players (Verisign, Thawte, etc), apps usually won't > trust the server certificate to allow you to create this ssl connection. Unless JXplorer pays attention to the Java VM's cacerts file (and I hope it doesn't: it has its own private cacerts file for a reason), even the big players won't be trusted by default. > On 7/11/06, Sergio Gelato <[EMAIL PROTECTED]> wrote: > > > >* Ron Rademaker [2006-07-11 09:45:09 +0200]: > >> Thanks, that worked a little bit. But now I get a new error message > >> (after typing my kerberos password): > >> > >> Error opening connection: > >> null > >> > >> java.lang.NullPointerException > >> at com.ca.commons.jndi.JNDIOps.setContext(JNDIOps.java:1564) > >> at com.ca.commons.jndi.JNDIOps.setupKerberosContext(JNDIOps.java:131) > >> at com.ca.commons.jndi.JNDIOps.<init>(JNDIOps.java:97) > > > >>From the line numbers you seem to be using the 3.1 release. > >It would appear that > >javax.security.auth.Subject.doAs(lc.getSubject(), new JndiAction(env)) > >is returning null; the question is why. The JndiAction(env) constructor > >returns whatever javax.naming.directory.InitialDirContext(env) returns. > >In other words, it's the LDAP connection establishment that's failing. > >Did you specify the right hostname and port number for your LDAP server? > > > >(I get the exact same error if I specify the wrong port number. Port > >636 counts as "wrong" here for some reason, even though my LDAP server > >is SSL-enabled, but port 389 works for me.) > > > > > >------------------------------------------------------------------------- > >Using Tomcat but need to do more? Need to support web services, security? > >Get stuff done quickly with pre-integrated technology to make your job > >easier > >Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > >http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 > >_______________________________________________ > >Jxplorer-users mailing list > >Jxplorer-users@lists.sourceforge.net > >https://lists.sourceforge.net/lists/listinfo/jxplorer-users > > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Jxplorer-users mailing list Jxplorer-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jxplorer-users
