dev@glassfish.java.net

Can't get LDAP authentication to work when using GlassFish jndi custom resources

From: Derek Knapp <derek.knapp_at_me.com>
Date: Sat, 08 Sep 2012 04:42:14 -0700

Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://opendj.example.com:389/dc=example,dc=com");

env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.SECURITY_PRINCIPAL, "cn=Directory Manager");
env.put(Context.SECURITY_CREDENTIALS, "xxxxxxxxx");

// Create the initial context
DirContext ctx = new InitialDirContext(env);



above works fine, but when I set the same values in GlassFish, and try retrieve the DirContext from

     @Resource(name = "opendj")
     private DirContext ctx;

I get the below error

Here are my properties

Resource Type: javax.naming.directory.Directory
Factor Class: com.sun.jndi.ldap.LdapCtxFactory

Additional properties:
URL: ldap://opendj.example.com:389/dc=example,dc=com
java.naming.security.principal: cn=Directory Manager
java.naming.security.credentials: xxxxxxxxx
java.naming.security.authentication: simple


Both work for searching, but thats not surprise, since I do not require authentication for that

javax.naming.NoPermissionException: [LDAP: error code 50 - The entry uid=test,ou=Users,dc=example,dc=com cannot be added due to insufficient access rights]; remaining name 'uid=test,ou=Users'
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3095)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840)
        at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:811)
        at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:337)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:266)
        at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:254)
        at com.test.login.Register.processRequest(Register.java:87)
        at com.test.login.Register.doGet(Register.java:137)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:668)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
        at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
        at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
        at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
        at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
        at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:328)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
        at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
        at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
        at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
        at com.sun.grizzly.http.ajp.AjpProcessorTask.invokeAdapter(AjpProcessorTask.java:135)
        at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
        at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
        at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
        at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
        at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
        at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
        at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
        at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
        at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
        at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
        at java.lang.Thread.run(Thread.java:722)




http://sudrs.wordpress.com/2006/11/16/glassfish-jndi-ldap-java/

http://stackoverflow.com/questions/2333024/get-active-directory-connection-through-glassfish-jndi-resource
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.