Hi,

In case anyone is interested, I have solved my problem.  I used the
JNDIRealm for Tomcat 4 found on this site
http://www.peacetech.com/java/files/apache/tomcat/ and added the following
2 lines to my code:

    System.setProperty("javax.net.ssl.trustStore",
        "D:/java/j2sdk1.4.0/jre/lib/security/cacerts");
    env.put(Context.SECURITY_PROTOCOL, "ssl");

Of course, I first imported the LDAP server's certificate and the signed CA
certificate (from my LDAP administrator) into the cacerts file using
keytool.

Petar
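
Added example, not part of the original message and not Tomcat's or the JNDIRealm's own code: a standalone check (Java 7 or later) that applies the same two settings outside Tomcat and reports the root cause when the connection fails. The class name LdapSslCheck, the host ldap.example.com and the trust store password "changeit" (the JDK default for cacerts) are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Hashtable;
import javax.naming.CommunicationException;
import javax.naming.Context;
import javax.naming.directory.InitialDirContext;
import javax.net.ssl.SSLHandshakeException;

public class LdapSslCheck {
    public static void main(String[] args) throws Exception {
        // Assumed arguments: trust store path, its password, LDAP URL (placeholder host).
        String trustStore = args.length > 0 ? args[0] : "D:/java/j2sdk1.4.0/jre/lib/security/cacerts";
        String password = args.length > 1 ? args[1] : "changeit";
        String url = args.length > 2 ? args[2] : "ldap://ldap.example.com:636";

        // Step 1: confirm the keytool import really landed in this store.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(trustStore)) {
            ks.load(in, password.toCharArray());
        }
        int trusted = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isCertificateEntry(alias)) trusted++;
        }
        System.out.println(trusted + " trusted certificate entries in " + trustStore);

        // Step 2: the two settings from the message above, plus the store password.
        System.setProperty("javax.net.ssl.trustStore", trustStore);
        System.setProperty("javax.net.ssl.trustStorePassword", password);
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_PROTOCOL, "ssl");

        // Step 3: anonymous connect; the root cause separates TLS failures from network ones.
        try {
            new InitialDirContext(env).close();
            System.out.println("TLS handshake and LDAP connect succeeded");
        } catch (CommunicationException e) {
            Throwable root = e.getRootCause() != null ? e.getRootCause() : e;
            System.out.println("Connect failed: " + root);
            if (root instanceof SSLHandshakeException) {
                System.out.println("Handshake failed; most often the server chain is not in " + trustStore);
            }
        }
    }
}
```

Running it with the same trust store path Tomcat uses shows whether a javax.naming.CommunicationException at startup comes from certificate trust or from plain connectivity to port 636.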


From:     "Petar Lalovic" <Petar_Lalovic@canadalife.com>
Date:     01/24/2003 10:13 AM
Please respond to "Tomcat Users List"

To:       [EMAIL PROTECTED]
cc:
Subject:  Tomcat to LDAP over SSL




Hi,

We are running Tomcat 4 Standalone.  The requirement is to have Tomcat
establish a secure connection with our LDAP server on port 636 (SSL) so
that only communications between Tomcat and LDAP are encrypted (browser to
Tomcat are normal HTTP).  The JNDI Realm HOW-TO got us up and running
without SSL to the LDAP server.  But on changing the port from 389 to 636
for the connectionURL attribute, we get a
javax.naming.CommunicationException and Tomcat fails to start up.  The same
LDAP server currently communicates with WebSphere using SSL.

If anyone has attempted this before, or has suggestions on how to get it to
work, your feedback is greatly appreciated.

Petar



