How to log in to apacheds with non-admin user

Question

I am trying to log in with a user to ApacheDS through Java.

This are my user's details as exported in an ldif:

dn: uid=carlspring,ou=users,ou=system
objectClass: top
objectClass: inetOrgPerson
objectClass: person
objectClass: organizationalPerson
cn: Martin Todorov
sn: Todorov
uid: carlspring
userPassword:: e1NTSEF9bC9LRk45RllHdW5aVGdLcUtScmNTYk80RXRLMmJvbTEvM2NOYnc9PQ==

This is the code I have:

    // Set up environment for creating initial context
    Hashtable env = new Hashtable(11);
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, "ldap://localhost:10389/ou=users,ou=system");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "uid=carlspring,ou=users,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "password");

    try
    {
        // Create initial context
        DirContext ctx = new InitialDirContext(env);

        System.out.println(ctx.lookup("ou=users"));
        System.out.println("Logged in.");

        // do something useful with ctx

        // Close the context when we're done
        ctx.close();
    }
    catch (NamingException e)
    {
        e.printStackTrace();
    }

I am getting the following exception:

javax.naming.NameNotFoundException: [LDAP: error code 32 - NO_SUCH_OBJECT: failed for MessageType : SEARCH_REQUEST
Message ID : 2
    SearchRequest
        baseDn : 'ou=users,ou=users,ou=system'
        filter : '(objectClass=*)'
        scope : base object
        typesOnly : false
        Size Limit : no limit
        Time Limit : no limit
        Deref Aliases : deref Always
        attributes : 
org.apache.directory.api.ldap.model.message.SearchRequestImpl@c7594470    ManageDsaITImpl Control
        Type OID    : '2.16.840.1.113730.3.4.2'
        Criticality : 'false'
'
: ERR_648 Invalid search base ou=users,ou=users,ou=system]; remaining name 'ou=users'

From what I understand, it doesn't seem to be connecting properly. I've tried logging in through Apache Directory Studio (with uid=carlspring,ou=users,ou=system) and that works fine. I can also log in with the admin user like this:

    env.put(Context.PROVIDER_URL, "ldap://localhost:10389/ou=system");
    env.put(Context.SECURITY_PRINCIPAL, "uid=admin,ou=system");
    env.put(Context.SECURITY_CREDENTIALS, "secret");

Could somebody please tell me what I'm doing wrong and why it's not logging in? I can't seem to be able to figure it out. Many thanks in advance!

Answer 1

Looks like your providing a base DN in your Provider_URL thats already specifying the "ou=users" branch of your directory tree. Try changing it to:

ldap://localhost:10389/ou=system