LDAPS connection

Question

I have a groovy script to connect to LDAP server; the code is:

import org.apache.directory.groovyldap.LDAP
import org.apache.directory.groovyldap.Search
import org.apache.directory.groovyldap.SearchScope

ldap = LDAP.newInstance('ldap://<Ip address>:389/', 'cn=Manager,dc=telecom,dc=it', 'italtel123')

result = ldap.exists('uid=TstAut01,ou=People,dc=telecom,dc=it')

log.info result

It's possible to use the ldaps protocol instead of ldap (ldaps://<Ip address>:636/) ?

Regards

Massimo

kondasamy · Accepted Answer

Based on my analysis. this exception would be thrown when your server has self signed certificate and when accessing SSL enabled connections (HTTPS, LDAPS etc.,) . To solve this should add the certificate to the list of trusted certificates (cacerts) of your JVM.

Here is the links for workarounds,

How to fetch certificate - http://magicmonster.com/kb/prg/java/ssl/pkix_path_building_failed.html

How to add the certificate to CACERTS of JVM - http://stackoverflow.com/questions/6908948/java-sun-security-provider-certpath-suncertpathbuilderexception-unable-to-find

Thanks,

Samy

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others, Thanks. ↓↓↓

kondasamy · Answer

Never tried! But, based on the documentation, you should be able to access LDAPS with the same kind of code implementation. Please try with LDAPS and let us know if you face any problem!

Reference - http://docs.oracle.com/javase/jndi/tutorial/ldap/misc/url.html

Thanks,

Samy

Did my reply answer your question? Give Kudos or Accept it as a Solution to help others, Thanks. ↓↓↓

massimo · Answer

I just try and I have the following error:

Tue Nov 10 14:19:35 CET 2015:ERROR:javax.naming.CommunicationException: simple bind failed: 172.24.40.11:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
javax.naming.CommunicationException: simple bind failed: 172.24.40.11:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
at org.apache.directory.groovyldap.LDAP.performWithContext(Unknown Source)
at org.apache.directory.groovyldap.LDAP.exists(Unknown Source)
at org.apache.directory.groovyldap.LDAP$exists.call(Unknown Source)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:45)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:108)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
at Script1.run(Script1.groovy:5)
at com.eviware.soapui.support.scripting.groovy.SoapUIGroovyScriptEngine.run(SoapUIGroovyScriptEngine.java:92)
at com.eviware.soapui.impl.wsdl.teststeps.WsdlGroovyScriptTestStep.run(WsdlGroovyScriptTestStep.java:141)
at com.eviware.soapui.impl.wsdl.panels.teststeps.GroovyScriptStepDesktopPanel$RunAction$1.run(GroovyScriptStepDesktopPanel.java:250)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
at sun.security.ssl.AppInputStream.read(Unknown Source)
at java.io.BufferedInputStream.fill(Unknown Source)
at java.io.BufferedInputStream.read1(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)
at com.sun.jndi.ldap.Connection.run(Unknown Source)
... 1 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.validate(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
... 13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 19 more

massimo · Answer

Thanks.&nbsp;After I imported the server CA certificate into SoapUI cacerts ldaps works.&nbsp;RegardsMassimo

kondasamy · Answer

massimo: I'm happy that the suggested solution worked for you! Please mark this thread as Solution accepted, so that it would aid others having similar issues.:smileyhappy:&nbsp;Thanks,Samy

Forum Discussion

LDAPS connection

5 Replies

Related Content

how do I connect Ready API to ldap database?

Connection reset

JDBC connection error indicating SSL issue

LDAP login is not working for 1 user

Getting error connecting emulator

Recent Discussions

Encrypt passwords and master password?

SOAP Request works in SoapUI, but not in C# code

clone TestSuite fails when there are more project with the same name

Will SOAP UI 5.6.1 work with JDK 8

How to configure Swagger in Paas to use it in Oracle APEX instance.