<small id='M0XgR'></small><noframes id='M0XgR'>

<legend id='M0XgR'><style id='M0XgR'><dir id='M0XgR'><q id='M0XgR'></q></dir></style></legend>

      <bdo id='M0XgR'></bdo><ul id='M0XgR'></ul>

    <tfoot id='M0XgR'></tfoot>

    1. <i id='M0XgR'><tr id='M0XgR'><dt id='M0XgR'><q id='M0XgR'><span id='M0XgR'><b id='M0XgR'><form id='M0XgR'><ins id='M0XgR'></ins><ul id='M0XgR'></ul><sub id='M0XgR'></sub></form><legend id='M0XgR'></legend><bdo id='M0XgR'><pre id='M0XgR'><center id='M0XgR'></center></pre></bdo></b><th id='M0XgR'></th></span></q></dt></tr></i><div id='M0XgR'><tfoot id='M0XgR'></tfoot><dl id='M0XgR'><fieldset id='M0XgR'></fieldset></dl></div>

        LDAP over SSL 与 Java

        时间:2024-05-10
        <i id='1DDsN'><tr id='1DDsN'><dt id='1DDsN'><q id='1DDsN'><span id='1DDsN'><b id='1DDsN'><form id='1DDsN'><ins id='1DDsN'></ins><ul id='1DDsN'></ul><sub id='1DDsN'></sub></form><legend id='1DDsN'></legend><bdo id='1DDsN'><pre id='1DDsN'><center id='1DDsN'></center></pre></bdo></b><th id='1DDsN'></th></span></q></dt></tr></i><div id='1DDsN'><tfoot id='1DDsN'></tfoot><dl id='1DDsN'><fieldset id='1DDsN'></fieldset></dl></div>

          <bdo id='1DDsN'></bdo><ul id='1DDsN'></ul>
            <tbody id='1DDsN'></tbody>

          <legend id='1DDsN'><style id='1DDsN'><dir id='1DDsN'><q id='1DDsN'></q></dir></style></legend>
              • <tfoot id='1DDsN'></tfoot>

                <small id='1DDsN'></small><noframes id='1DDsN'>

                  本文介绍了LDAP over SSL 与 Java的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

                  问题描述

                  以下代码可以正常工作:

                  The following code works fine:

                  public static void main(String[] args) {
                      String userName = "admin";
                      String password = "s3cret";
                      Hashtable env = new Hashtable();
                      env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
                      env.put(Context.PROVIDER_URL, "ldap://192.168.10.45:389/dc=softwaredev,dc=local");
                      //env.put(Context.SECURITY_PROTOCOL, "ssl");
                      env.put(Context.SECURITY_AUTHENTICATION, "simple");
                      env.put(Context.SECURITY_PRINCIPAL, new String("softwaredev" + "\" + userName));
                      env.put(Context.SECURITY_CREDENTIALS, password);
                  
                      DirContext ctx = null;
                      NamingEnumeration results = null;
                      try {
                          ctx = new InitialDirContext(env);
                          SearchControls controls = new SearchControls();
                          controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                          results = ctx.search("", "(objectclass=person)", controls);
                          while (results.hasMore()) {
                              SearchResult searchResult = (SearchResult) results.next();
                              Attributes attributes = searchResult.getAttributes();
                              System.out.println(" Person Common Name = " + attributes.get("cn"));
                              System.out.println(" Person Display Name = " + attributes.get("displayName"));
                              System.out.println(" Person logonhours = " + attributes.get("logonhours"));
                              System.out.println(" Person MemberOf = " + attributes.get("memberOf"));
                          }
                      } catch (Throwable e) {
                          e.printStackTrace();
                      } finally {
                          if (results != null) {
                              try {
                                  results.close();
                              } catch (Exception e) {
                              }
                          }
                          if (ctx != null) {
                              try {
                                  ctx.close();
                              } catch (Exception e) {
                              }
                          }
                      }
                  }
                  

                  如果我取消注释以下行:env.put(Context.SECURITY_PROTOCOL, "ssl"); 启用 SSL 连接并使用此 URL:

                  If I uncomment the following line: env.put(Context.SECURITY_PROTOCOL, "ssl"); to enable SSL connection and use this URL:

                  ldaps://192.168.10.45:636
                  

                  然后程序失败,错误是关于证书的.

                  then the program fails and the error is about the certificate.

                  *javax.naming.CommunicationException: simple bind failed: 192.168.10.45:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
                      at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
                      at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
                      at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
                      at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
                      at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
                      at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
                      at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
                      at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
                      at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
                      at javax.naming.InitialContext.init(Unknown Source)
                      at javax.naming.InitialContext.<init>(Unknown Source)
                      at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
                      at asd.LdapBasicExample.main(LdapBasicExample.java:25)
                  Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
                      at sun.security.ssl.Alerts.getSSLException(Unknown Source)
                      at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
                      at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
                      at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
                      at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
                      at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
                      at sun.security.ssl.Handshaker.processLoop(Unknown Source)
                      at sun.security.ssl.Handshaker.process_record(Unknown Source)
                      at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
                      at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
                      at sun.security.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
                      at sun.security.ssl.AppInputStream.read(Unknown Source)
                      at java.io.BufferedInputStream.fill(Unknown Source)
                      at java.io.BufferedInputStream.read1(Unknown Source)
                      at java.io.BufferedInputStream.read(Unknown Source)
                      at com.sun.jndi.ldap.Connection.run(Unknown Source)
                      at java.lang.Thread.run(Unknown Source)
                  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
                      at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
                      at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
                      at sun.security.validator.Validator.validate(Unknown Source)
                      at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
                      at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
                      at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
                      ... 13 more
                  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
                      at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
                      at java.security.cert.CertPathBuilder.build(Unknown Source)*
                  

                  那么,我该怎么做才能解决这个问题呢?

                  So, what can I do to solve this problem?

                  推荐答案

                  原因:sun.security.validator.ValidatorException:PKIX 路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径

                  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

                  您的客户端信任库不信任 LDAP 服务器的证书.您需要通过 CA 对其进行签名,或者将其从服务器导出到所有客户端信任库中.最终签署它更容易、更便宜.

                  Your client truststore doesn't trust the LDAP server's certificate. You need to either get it signed by a CA or else export it from the server into all the client truststores. It is ultimately easier and cheaper to get it signed.

                  这篇关于LDAP over SSL 与 Java的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

                  上一篇:从 Java 应用程序连接 LDAP 服务器 下一篇:如何通过 JNDI 检索 LDAP 密码

                  相关文章

                1. <i id='u7yNU'><tr id='u7yNU'><dt id='u7yNU'><q id='u7yNU'><span id='u7yNU'><b id='u7yNU'><form id='u7yNU'><ins id='u7yNU'></ins><ul id='u7yNU'></ul><sub id='u7yNU'></sub></form><legend id='u7yNU'></legend><bdo id='u7yNU'><pre id='u7yNU'><center id='u7yNU'></center></pre></bdo></b><th id='u7yNU'></th></span></q></dt></tr></i><div id='u7yNU'><tfoot id='u7yNU'></tfoot><dl id='u7yNU'><fieldset id='u7yNU'></fieldset></dl></div>
                      <bdo id='u7yNU'></bdo><ul id='u7yNU'></ul>
                    <legend id='u7yNU'><style id='u7yNU'><dir id='u7yNU'><q id='u7yNU'></q></dir></style></legend>

                    <tfoot id='u7yNU'></tfoot>
                  1. <small id='u7yNU'></small><noframes id='u7yNU'>