3

I get an error when trying to connect to my server via port 636 with SSL enabled.

I used Apache Directory Studio to explore the Active Directory and connected via port 636 and SSL (ldaps://....)

Now I've got the following code:

LdapConnection connection = new LdapNetworkConnection("172.16.1.8", 636, true);

and this doesn't work:

org.apache.directory.api.ldap.model.exception.LdapProtocolErrorException: PROTOCOL_ERROR: The server will disconnect!
at org.apache.directory.api.ldap.model.message.ResultCodeEnum.processResponse(ResultCodeEnum.java:2163)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:129)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:112)
at ch.berufsbildungscenter.notiztool.control.Account.login(Account.java:123)
at ch.berufsbildungscenter.notiztool.control.Account.login(Account.java:100)
at ch.berufsbildungscenter.notiztool.gui.control.LoginController$2.run(LoginController.java:53)

Does anyone have an idea why not?

Here's the login function:

/**
 * Checks the pw with the pw on the Active Directory.
 * 
 * @param username 
 * @param pw
 * @param b
 * 
 * @return true if login was successful, false if not.
 */
private static boolean login(String username, String pw, Berufsbildner b) {
    if(b == null)
        return false;
    String cn = b.getNachname() + " " + b.getVorname();
    //Create connection to the LDAP server
    @SuppressWarnings("resource")
    LdapConnection connection = new LdapNetworkConnection("172.16.1.8", 636, true);
    //try to bind with the login data
    try {
        //------------------ Here's the exception
        connection.bind("CN="+ cn +",OU=Ausbilder,OU=Informatiker,OU=Ascom Bern,OU=Berufsbildungscenter,DC=bbcnet,DC=ch", pw);
        loggedin = true;
        currentAccount = b;
    } catch (LdapException e) {
        e.printStackTrace();
        loggedin = false;
        return false;
    }
    return true;
}

Thanks

siegy22
  • `and this doesn't work`, in what way does it fail? Exceptions? Hangs? Something else? – DanielBarbarian Aug 26 '14 at 11:52
  • @DanielBarbarian there was an exception PROTOCOL_ERROR and another one, handshaking failed or something. – siegy22 Aug 26 '14 at 14:54
  • And the line `LdapConnection connection = new LdapNetworkConnection("172.16.1.8", 636, true);` is what you have in your `Account.java` on line 123? – DanielBarbarian Aug 27 '14 at 16:29
  • @DanielBarbarian no, there is the column which binds the connection – siegy22 Sep 01 '14 at 09:07
  • Then it would probably be easier for us to help you if you could edit your question and add the code where the exception occurs. As the question now is written we have no idea exactly what you are doing when you get the exception. – DanielBarbarian Sep 01 '14 at 10:39
  • Also include code leading up to the error so that we can see if there is something in the setup that is missing. – DanielBarbarian Sep 01 '14 at 10:40

1 Answer

3

Use this line to set the SSL protocol:

connection.setSslProtocol("SSLv3");

and set the trust manager with the following line:

connection.setTrustManagers(new CustomTtrustManager());

CustomTtrustManager is a trust manager you define by implementing X509TrustManager or any other kind of trust manager. For example:

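import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509TrustManager;

public class CustomTtrustManager implements X509TrustManager
{
    // Not part of javax.net.ssl.X509TrustManager; JSSE never calls this method.
    public boolean isClientTrusted(X509Certificate[] cert)
    {
        return true;
    }

    // Not part of javax.net.ssl.X509TrustManager; JSSE never calls this method.
    // It only checks the validity period of the first certificate.
    public boolean isServerTrusted(X509Certificate[] cert)
    {
        try
        {
            cert[0].checkValidity();
            return true;
        }
        catch (CertificateExpiredException e)
        {
            return false;
        }
        catch (CertificateNotYetValidException e)
        {
            return false;
        }
    }

    public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
        throws CertificateException
    {
        // Do nothing for now.
    }

    // This is the method JSSE calls during the handshake. Because it never
    // throws, every server certificate is accepted without chain validation.
    public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
        throws CertificateException
    {
        // Do nothing for now.
    }

    public X509Certificate[] getAcceptedIssuers()
    {
        return new X509Certificate[0];
    }
}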
M2E67
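A hardened variant of the setup described in this answer, as an added example (not the answerer's code or the Apache Directory project's own): it sets the protocol and trust managers on `LdapConnectionConfig`, uses TLSv1.2 in place of SSLv3 (which current JDKs disable by default), and validates the server's chain against a truststore instead of an empty `checkServerTrusted`. The class name `LdapsLogin`, the truststore path and its password are assumptions.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import javax.net.ssl.TrustManagerFactory;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;

// Added example; LdapsLogin and the truststore arguments are hypothetical names.
public class LdapsLogin {
    // Build an LDAPS config that trusts only the CAs in the given truststore
    // (assumed: a JKS file holding the CA that issued the domain controller's cert).
    static LdapConnectionConfig ldapsConfig(String host, String trustStorePath,
                                            char[] trustStorePw) throws Exception {
        KeyStore trustStore = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(trustStorePath))) {
            trustStore.load(in, trustStorePw);
        }
        // The JDK's standard PKIX trust manager performs full chain validation.
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);

        LdapConnectionConfig config = new LdapConnectionConfig();
        config.setLdapHost(host);
        config.setLdapPort(636);
        config.setUseSsl(true);
        config.setSslProtocol("TLSv1.2");
        config.setTrustManagers(tmf.getTrustManagers());
        return config;
    }

    // Returns true only if the directory accepted the bind for this DN and password.
    static boolean login(String bindDn, String pw, LdapConnectionConfig config) {
        // An empty password is an unauthenticated bind in LDAP, not a credential check.
        if (pw == null || pw.isEmpty()) {
            return false;
        }
        // try-with-resources closes the connection on every path.
        try (LdapConnection connection = new LdapNetworkConnection(config)) {
            connection.bind(bindDn, pw);
            return connection.isAuthenticated();
        } catch (LdapException | IOException e) {
            return false;
        }
    }
}
```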