个人中心
gpt4 book ai didi

java - LDAPConnection (org.apache.directory.ldap.client.api.LdapConnection) 在 ssl 上失败

转载 作者:行者123 更新时间:2023-11-30 03:46:37 24 4
gpt4 key购买 nike

我在尝试通过 636 并启用 ssl 连接到我的服务器时遇到错误。

我使用 apache Directory Studio 来探索 Active Directory 并通过端口 636 和 ssl (ldaps://....) 连接

现在我得到了以下代码:

LdapConnection connection = new LdapNetworkConnection("172.16.1.8", 636, true);

这不起作用:

org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: PROTOCOL_ERROR: The server will disconnect!
at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2163)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:129)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:112)
at ch.berufsbildungscenter.notiztool.control.Account.login(Account.java:123)
at ch.berufsbildungscenter.notiztool.control.Account.login(Account.java:100)
at ch.berufsbildungscenter.notiztool.gui.control.LoginController$2.run(LoginController.java:53)

有人知道为什么不呢?

这是登录功能:

/**
 * Checks the pw with the pw on the Active Directory.
 * 
 * @param username 
 * @param pw
 * @param b
 * 
 * @return true if login was successful, false if not.
 */
private static boolean login(String username, String pw, Berufsbildner b) {
    if(b == null)
        return false;
    String cn = b.getNachname() + " " + b.getVorname();
    //Create connection to the LDAP server
    @SuppressWarnings("resource")
    LdapConnection connection = new LdapNetworkConnection("172.16.1.8", 636, true);
    //try to bind with the login data
    try {
        //------------------ Here's the exception
        connection.bind("CN="+ cn +",OU=Ausbilder,OU=Informatiker,OU=Ascom Bern,OU=Berufsbildungscenter,DC=bbcnet,DC=ch", pw);
        loggedin = true;
        currentAccount = b;
    } catch (LdapException e) {
        e.printStackTrace();
        loggedin = false;
        return false;
    }
    return true;

谢谢

最佳答案

使用此行设置 SSL 协议(protocol):

connection.setSslProtocol("SSLv3");

并将信任管理器设置为以下行:

connection.setTrustManagers(new CustomTtrustManager());

CutomTrustManager 是您通过实现 X509TrustManager 或任何类型的信任管理器定义的信任管理器。例如:

public class CustomTtrustManager implements X509TrustManager
{
    public boolean isClientTrusted(X509Certificate[] cert)
    {
        return true;
    }

    public boolean isServerTrusted(X509Certificate[] cert)
    {
        try
        {
            cert[0].checkValidity();
            return true;
        }
        catch (CertificateExpiredException e)
        {
            return false;
        }
        catch (CertificateNotYetValidException e)
        {
            return false;
        }
    }

    public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
        throws CertificateException
    {
        // Do nothing for now.
    }

    public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
        throws CertificateException
    {
        // Do nothing for now.
    }

    public X509Certificate[] getAcceptedIssuers()
    {
        return new X509Certificate[0];
    }
}

关于java - LDAPConnection (org.apache.directory.ldap.client.api.LdapConnection) 在 ssl 上失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/25505141/

24 4 0
文章推荐: Java - 如何查找由特定接口(interface)或 super 接口(interface)名称扩展的接口(interface)
文章推荐: java - .POST_MODULE : Failed to process phase POST_MODULE of deployment
文章推荐: java - ExecutorService hibernate 线程池中的所有线程
文章推荐: android - 如何在 Android 中使用 Flurry AddListener 与 Flurry 集成
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com