使用 openldap 服务器进行 java sasl 身份验证

发布于 2024-10-20 10:16:00 字数 1143 浏览 7 评论 0原文

当 ldapwhoami -U Portal -h yorktown -Y PLAIN -ZZ 工作正常时,任何人都可以看到此代码不起作用的任何原因吗?我正在做的事情有什么不等同的吗?

LDAPConnection connection = new LDAPConnection();
connection.connect("yorktown.example.com", 389);
SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
SSLContext sslContext = sslUtil.createSSLContext();
ExtendedResult extendedResult = connection.processExtendedOperation(new StartTLSExtendedRequest(sslContext));
PLAINBindRequest bindRequest = new PLAINBindRequest("u:portal", "test");
BindResult bindResult = connection.bind(bindRequest);

此代码给出了 connection.bind 调用引发的以下异常:

play.exceptions.JavaExecutionException: SASL(-13): user not found: Password verification failed
        at play.mvc.ActionInvoker.invoke(ActionInvoker.java:285)
        at Invocation.HTTP Request(Play!)
Caused by: LDAPException(resultCode=49 (invalid credentials),
    errorMessage='SASL(-13): user not found: Password verification failed', 
    diagnosticMessage='SASL(-13): user not found: Password verification failed')
        at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:1710)

Can anyone see any reason this code doesn't work when ldapwhoami -U portal -h yorktown -Y PLAIN -ZZ works just fine? Is there something I'm doing that isn't equivalent?

LDAPConnection connection = new LDAPConnection();
connection.connect("yorktown.example.com", 389);
SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
SSLContext sslContext = sslUtil.createSSLContext();
ExtendedResult extendedResult = connection.processExtendedOperation(new StartTLSExtendedRequest(sslContext));
PLAINBindRequest bindRequest = new PLAINBindRequest("u:portal", "test");
BindResult bindResult = connection.bind(bindRequest);

this code gives the following exception thrown by the connection.bind call:

play.exceptions.JavaExecutionException: SASL(-13): user not found: Password verification failed
        at play.mvc.ActionInvoker.invoke(ActionInvoker.java:285)
        at Invocation.HTTP Request(Play!)
Caused by: LDAPException(resultCode=49 (invalid credentials),
    errorMessage='SASL(-13): user not found: Password verification failed', 
    diagnosticMessage='SASL(-13): user not found: Password verification failed')
        at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:1710)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

甜味拾荒者 2024-10-27 10:16:00

PLAINBindRequest 的文档有误,或者 OpenLDAP 2.4.23 处理请求的方式有问题。服务器日志显示 u: 正在传递到服务器,导致 DN 类似于 uid=u:portal,dc=example,dc=com。一旦我将其更改为 new PLAINBindRequest("portal", "test") ,它就起作用了。

Either the documentation for PLAINBindRequest is wrong or there's something wrong with how OpenLDAP 2.4.23 is handling the request. Server logs revealed that the u: was being passed through to the server, resulting in DNs like uid=u:portal,dc=example,dc=com. Once I changed it to new PLAINBindRequest("portal", "test") it worked.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文