We are trying to integrate LDAP authentication using Java technology but are unable to connect to the IDAM-NETIQ server when using the code below.
Parameter details:
    INITIAL_CONTEXT_FACTORY: "com.sun.jndi.ldap.LdapCtxFactory"
    PROVIDER_URL: "ldap:// IP ADDRESS :10389"
    SECURITY_PRINCIPAL: "CN=Testnetiq.O=IBOM_test"
    SECURITY_CREDENTIALS: "PASSWORD"
    package com.test.poc;

    import java.util.Properties;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.directory.InitialDirContext;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;

    public class Testing {
        public static void main(String[] args) throws Exception {
            // Bind as the service account over plain LDAP (no TLS).
            Properties props = new Properties();
            props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
            props.put(Context.PROVIDER_URL, "ldap:// ldap ip :10389");
            props.put(Context.SECURITY_PRINCIPAL, "CN=Testnetiq.O=IBOM_test");
            props.put(Context.SECURITY_CREDENTIALS, "Wipro@123");
            InitialDirContext context = new InitialDirContext(props);

            // Search for the user's entry to obtain its full DN.
            SearchControls ctrls = new SearchControls();
            ctrls.setReturningAttributes(new String[] { "givenName", "sn", "memberOf" });
            ctrls.setSearchScope(SearchControls.SUBTREE_SCOPE);
            NamingEnumeration<SearchResult> answers = context.search("o=IBOM_test",
                    "(uid=" + "Test123" + ")", ctrls);
            if (!answers.hasMore()) {
                // No matching entry: the user cannot be authenticated.
                context.close();
                System.out.println("false");
                return;
            }
            SearchResult result = answers.next();
            String user = result.getNameInNamespace();
            context.close();

            // Bind again as the user to verify the user's password.
            try {
                props = new Properties();
                props.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
                props.put(Context.PROVIDER_URL, "ldap://ldap ip :10389");
                props.put(Context.SECURITY_PRINCIPAL, user);
                props.put(Context.SECURITY_CREDENTIALS, "Test@123");
                context = new InitialDirContext(props);
                context.close();
                // Report success only when the user bind did not throw.
                System.out.println("True");
            } catch (Exception e) {
                System.out.println("false");
            }
        }
    }
While accessing the server, we get the error below:
    [err] javax.naming.AuthenticationNotSupportedException: [LDAP: error code 13 - Confidentiality Required]
    [err] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3127)
    [err] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3082)
    [err] at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883)
    [err] at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797)
    [err] at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
    [err] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
    [err] at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
    [err] at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
    [err] at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
    [err] at org.apache.aries.jndi.ContextHelper.getInitialContextUsingBuilder(ContextHelper.java:244)
    [err] at [internal classes]
    [err] at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    [err] at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
    [err] at javax.naming.InitialContext.init(InitialContext.java:244)
Is the problem in our Java code or in the LDAP server?
The stack trace indicates that your LDAP server requires TLS/SSL (LDAP: error code 13 - Confidentiality Required).
Try connecting to the LDAPS port instead.
Usually it's 636.
In your case, since you are trying to connect on port 10389 it might be 10636.
You will probably need to import the Organizational CA certificate into your Java keystore as well to be able to connect successfully.
These are the instructions for exporting the certificate using iManager.
To export the Organizational CA's self-signed certificate:
You can find that information here: https://www.netiq.com/documentation/edirectory-91/edir_admin/data/b1j4tpo3.html#b1j4tu55
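
A search-then-bind check over LDAPS, as the answer suggests, written as an added example that is not part of the original posts. The host name, the trust store path and the class and method names are assumptions; port 10636 is the answer's guess, and the base DN is taken from the question.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
public class LdapsAuthExample {
    // Assumed values: placeholder host; 10636 is the LDAPS port the answer suggests trying.
    static final String URL = "ldaps://ldap.example.test:10636";
    static final String BASE = "o=IBOM_test";
    static DirContext bind(String dn, String password) throws NamingException {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL); // ldaps:// negotiates TLS before the bind is sent
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        return new InitialDirContext(env);
    }
    static boolean authenticate(String svcDn, String svcPw, String uid, String pw) throws NamingException {
        // JNDI switches to an anonymous bind when the password is empty, which
        // would otherwise be reported as a successful login.
        if (pw == null || pw.isEmpty()) return false;
        DirContext svc = bind(svcDn, svcPw);
        String userDn;
        try {
            SearchControls c = new SearchControls();
            c.setSearchScope(SearchControls.SUBTREE_SCOPE);
            // The {0} argument is escaped by JNDI, so uid cannot change the filter.
            NamingEnumeration<SearchResult> r = svc.search(BASE, "(uid={0})", new Object[] { uid }, c);
            if (!r.hasMore()) return false; // unknown user
            userDn = r.next().getNameInNamespace();
        } finally { svc.close(); }
        try {
            bind(userDn, pw).close(); // succeeds only with the user's real password
            return true;
        } catch (AuthenticationException e) {
            return false; // invalid credentials
        }
    }
    public static void main(String[] args) throws NamingException {
        // Trust store holding the exported Organizational CA certificate (hypothetical path).
        System.setProperty("javax.net.ssl.trustStore", "/path/to/truststore.jks");
        System.out.println(authenticate(args[0], args[1], args[2], args[3]));
    }
}
```

Current JDKs also verify the server certificate's host name on ldaps:// connections, so the host in the URL must match a name in the server certificate.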