You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Stefan Zoerner (JIRA)" <ji...@apache.org> on 2007/06/10 22:04:26 UTC
[jira] Created: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
----------------------------------------------------------------------------------------------
Key: DIRSERVER-965
URL: https://issues.apache.org/jira/browse/DIRSERVER-965
Project: Directory ApacheDS
Issue Type: Bug
Affects Versions: 1.5.1
Environment: * ApacheDS 1.5.1 (SNAPSHOT)
* Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
* Windows XP Professional SP2
Reporter: Stefan Zoerner
Priority: Blocker
If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
<bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
<!-- Whether to enable the LDAPS protocol. -->
<property name="enabled" value="true" />
<!-- The port to run the LDAPS protocol on. -->
<property name="ipPort" value="636" />
<property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
<property name="ldapsCertificatePassword" value="secret" />
</bean>
the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Enrique Rodriguez (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12503546 ]
Enrique Rodriguez commented on DIRSERVER-965:
---------------------------------------------
I agree with the change you made to address usability here. If we are going to have a bean for LDAPS then it makes sense to have the LDAPS nature enabled by default in it.
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
> Assignee: Stefan Zoerner
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Zoerner closed DIRSERVER-965.
------------------------------------
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
> Assignee: Stefan Zoerner
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Zoerner reassigned DIRSERVER-965:
----------------------------------------
Assignee: Stefan Zoerner
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
> Assignee: Stefan Zoerner
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12503207 ]
Stefan Zoerner commented on DIRSERVER-965:
------------------------------------------
I was able to get it up and runninf with this:
<bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
<!-- Whether to enable the LDAPS protocol. -->
<property name="enabled" value="true" />
<!-- The port to run the LDAPS protocol on. -->
<property name="ipPort" value="636" />
<property name="enableLdaps" value="true" />
<property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
<property name="ldapsCertificatePassword" value="secret" />
</bean>
But I am not sure, whether enabling it with two switches and a reference to this bean from the configuration is quite handy. Perhaps it is possible to remove the "enabled" property completely. If there is a reference to this bean from the configuration, it is enabled. enableLdapscould be used to determine whether it is ldap or ldaps. Just an idea.
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
> Priority: Blocker
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Zoerner updated DIRSERVER-965:
-------------------------------------
Priority: Major (was: Blocker)
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12503208 ]
Stefan Zoerner commented on DIRSERVER-965:
------------------------------------------
Perhaps we can make it easier for users if the the line
<property name="enableLdaps" value="true" />
is included in the default server.xml for the ldapsConfiguration configuration bean. ldaps would be disabled by default anyway, but others will not have the same problems to figure out that this property has to be added.
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Issue Comment Edited: (DIRSERVER-965) Enabling ldpas via
bean configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12503207 ]
Stefan Zoerner edited comment on DIRSERVER-965 at 6/10/07 1:40 PM:
-------------------------------------------------------------------
I was able to get it up and running with this:
<bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
<!-- Whether to enable the LDAPS protocol. -->
<property name="enabled" value="true" />
<!-- The port to run the LDAPS protocol on. -->
<property name="ipPort" value="636" />
<property name="enableLdaps" value="true" />
<property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
<property name="ldapsCertificatePassword" value="secret" />
</bean>
But I am not sure, whether enabling it with two switches and a reference to this bean from the configuration is quite handy. Perhaps it is possible to remove the "enabled" property completely. If there is a reference to this bean from the configuration, it is enabled. enableLdapscould be used to determine whether it is ldap or ldaps. Just an idea.
was:
I was able to get it up and runninf with this:
<bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
<!-- Whether to enable the LDAPS protocol. -->
<property name="enabled" value="true" />
<!-- The port to run the LDAPS protocol on. -->
<property name="ipPort" value="636" />
<property name="enableLdaps" value="true" />
<property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
<property name="ldapsCertificatePassword" value="secret" />
</bean>
But I am not sure, whether enabling it with two switches and a reference to this bean from the configuration is quite handy. Perhaps it is possible to remove the "enabled" property completely. If there is a reference to this bean from the configuration, it is enabled. enableLdapscould be used to determine whether it is ldap or ldaps. Just an idea.
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
> Priority: Blocker
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-965) Enabling ldpas via bean
configuration fails (connection refused from a client's point of view)
Posted by "Stefan Zoerner (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-965?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Zoerner resolved DIRSERVER-965.
--------------------------------------
Resolution: Invalid
Due to the fact, that ldaps works, I declare this one invalid.My fault.
Nevertheless I have added the line
<property name="enableLdaps" value="true" />
to the ldapsConfiguration bean, to make it clearer that it is necessary in order to get ldaps work.
http://svn.apache.org/viewvc?view=rev&revision=546220
> Enabling ldpas via bean configuration fails (connection refused from a client's point of view)
> ----------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-965
> URL: https://issues.apache.org/jira/browse/DIRSERVER-965
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 1.5.1
> Environment: * ApacheDS 1.5.1 (SNAPSHOT)
> * Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
> * Windows XP Professional SP2
> Reporter: Stefan Zoerner
> Assignee: Stefan Zoerner
>
> If I try to enable ldaps in a standalone server (freshly installed) via the bean configuration file (server.xml) like this:
> <bean id="ldapsConfiguration" class="org.apache.directory.server.ldap.LdapConfiguration">
> <!-- Whether to enable the LDAPS protocol. -->
> <property name="enabled" value="true" />
> <!-- The port to run the LDAPS protocol on. -->
> <property name="ipPort" value="636" />
> <property name="ldapsCertificateFile" value="C:/java/apacheds-1.5.1-SNAPSHOT/conf/zanzibar.ks" />
> <property name="ldapsCertificatePassword" value="secret" />
> </bean>
> the server starts, but only listens on 10389 (plain LDAP). Connection on 636 are still refused by the server. There are no relevant lines in the log file, even with DEBUG level.
> ldaps is certification relevant for the Open Group, hence this is a blocker.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.