Posted to users@camel.apache.org by Daniel Johansson <dj...@gmail.com> on 2021/01/29 13:21:16 UTC

LDAPS

Hi Camel Users

I hope someone can get LDAPS working with Camel.

I'm using Camel 2.23.2 and the camel-ldap component to try to get all objects
under a specific OU from a Microsoft AD.
This works fine with LDAP; however, if I want to use LDAPS I get into trouble
and get:
ERROR s.l.i.CamelConfig.initialDirContext: Throw ex:
-----------------
simple bind failed: <server_name>:636
javax.naming.CommunicationException: simple bind failed: <server_name>:636
[Root exception is java.net.SocketException: Connection or outbound has
closed]
-----------------
2021-01-29 13:10:03,453 [Camel (MyCamelContext) thread #1 -
timer://LDAP-Timer] ERROR o.a.c.p.DefaultErrorHandler.log: Failed delivery
for (MessageId: ID-bamse-1611922198416-0-2 on ExchangeId:
ID-bamse-1611922198416-0-1). Exhausted after delivery attempt: 1 caught:
java.lang.NullPointerException

I have followed the guide at
https://camel.apache.org/components/2.x/ldap-component.html
and read the Camel in Action book about adding SSL to components, i.e. "14.4
Transport security" and "14.4.1 Defining global SSL configuration".

Below is my code for CamelConfig, and the CustomSocketFactory is exactly as
it's done in https://camel.apache.org/components/2.x/ldap-component.html
And as I mentioned, the config and routes work fine without LDAPS. The key
and trust store contains the server cert and I can see that the MS-AD
replies with the server cert that is in my truststore.
I have tried everything :) I hope someone can help me to figure out what's
wrong.

Best regards
/Daniel
------------------------------------
private InitialDirContext ldapServer;
private final Hashtable<String, String> environment;

  @Bean
  public SSLContextParameters sslContextParameters() {
    KeyStoreParameters ksp = new KeyStoreParameters();
    ksp.setResource("keystore.jks");
    ksp.setPassword("apassword");

    KeyManagersParameters kmp = new KeyManagersParameters();
    kmp.setKeyStore(ksp);
    kmp.setKeyPassword("apassword");

    KeyStoreParameters tsp = new KeyStoreParameters();
    tsp.setResource("truststore.jks");
    tsp.setPassword("apassword");

    TrustManagersParameters tmp = new TrustManagersParameters();
    tmp.setKeyStore(tsp);

    SSLContextParameters scp = new SSLContextParameters();
    scp.setKeyManagers(kmp);
    scp.setTrustManagers(tmp);

    return scp;
  }

  @Bean(name = "customSocketFactory")
  public CustomSocketFactory customSocketFactory() {
    CustomSocketFactory customSocketFactory = new CustomSocketFactory(sslContextParameters());
    return customSocketFactory;
  }

  @Bean(name = "ldapServer")
  @Scope("prototype")
  public InitialDirContext initialDirContext() {
    environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    environment.put(Context.PROVIDER_URL, ldapUrl);
    environment.put(Context.URL_PKG_PREFIXES, "com.sun.jndi.url");
    environment.put(Context.REFERRAL, "ignore");
    // Simple authentication consists of sending the LDAP server the fully
    // qualified DN of the client (user) and the client's clear-text password.
    environment.put(Context.SECURITY_AUTHENTICATION, "simple");
    // SECURITY_PROTOCOL can be ignored if using ldaps:// as a scheme.
    // environment.put(Context.SECURITY_PROTOCOL, "ssl");
    // Set to the fully qualified DN of the entity that is being authenticated.
    environment.put(Context.SECURITY_PRINCIPAL, "cn=<my_cn>");
    // Set to the password of the principal.
    environment.put(Context.SECURITY_CREDENTIALS, ldapPasswd);
    try {
      ldapServer = new InitialDirContext(environment);
      ldapServer.addToEnvironment("java.naming.ldap.factory.socket", "customSocketFactory");
    } catch (NamingException ex) {
      LOG.error("Throw ex: \n-----------------\n" + ex.getMessage()
          + "\n" + ex.getExplanation() + "\n" + ex.toString() + "\n-----------------");
    }
    return ldapServer;
  }
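
An added example, not part of the original post and not Camel's own code: the JNDI LDAP provider opens the TLS connection and performs the bind inside the InitialDirContext constructor, and it resolves "java.naming.ldap.factory.socket" as a fully qualified class name with a public static getDefault() method, so the property has to be in the environment before the context is created. The class name com.example.CustomSocketFactory, the host name and the bind DN below are placeholders.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

public class LdapsContextExample {

    // Assumption: placeholder for the fully qualified name of your own
    // SocketFactory subclass. JNDI loads this class by name and calls its
    // public static getDefault() method, so a Spring bean name is not enough.
    static final String SOCKET_FACTORY_CLASS = "com.example.CustomSocketFactory";

    static Hashtable<String, String> buildEnvironment(String url, String bindDn, String password) {
        // A simple bind sends the password in clear text, so insist on TLS.
        if (!url.regionMatches(true, 0, "ldaps://", 0, 8)) {
            throw new IllegalArgumentException("simple bind requires an ldaps:// URL: " + url);
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.REFERRAL, "ignore");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        // Set before the constructor runs: the TLS connection and the bind are
        // made inside new InitialDirContext(env).
        env.put("java.naming.ldap.factory.socket", SOCKET_FACTORY_CLASS);
        return env;
    }

    static InitialDirContext connect(String url, String bindDn, String password) throws NamingException {
        // Propagate NamingException rather than returning a null context.
        return new InitialDirContext(buildEnvironment(url, bindDn, password));
    }

    public static void main(String[] args) {
        // Constructed sample values; main() only builds the environment and contacts no server.
        Hashtable<String, String> env = buildEnvironment(
            "ldaps://ad.example.test:636", "cn=svc-camel,dc=example,dc=test", "not-a-real-password");
        System.out.println("socket factory = " + env.get("java.naming.ldap.factory.socket"));
        try {
            buildEnvironment("ldap://ad.example.test:389", "cn=svc-camel,dc=example,dc=test", "x");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```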