I'm trying to get an LDAP-Connection with the attributes provided by a glassfish custom-resource.
My jndi settings:
Resourcetype: javax.naming.directory.Directory
Factory-Class: com.sun.jndi.ldap.LdapCtxFactory
Parameters:
java.naming.security.credentials = myPassword
java.naming.security.principal = cn=ldapUser,ou=myOrganization,dc=myDomain,dc=net
URL = ldap://ldapserver/ou=myOrganization,dc=myDomain,dc=net
This is how I get the connection in Java:
Context initCtx = new InitialContext();
DirContext ctx = (DirContext) initCtx.lookup("CMDB2LDAP");
This works perfectly with OpenLDAP but when I try to connect to an AD 2003 I get the following Exception:
javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]; remaining name ''
When I create my own DirContext and put exactly the same properties in it, the connection works flawlessly.
I would prefer to get the connection settings from glassfish for the sake of easy administration.
Try adding java.naming.referral = follow as another attribute and see if that works.
Related
I am trying to deploy an ear file to a Weblogic 12 server. The ear file contains a HttpServlet. During deployment, the HttpServlet is trying to initialize and fails with this error:
Target state: deploy failed on Cluster
javax.naming.NameNotFoundException: While trying to lookup
'jdbc.' didn't find subcontext 'jdbc'. Resolved
'' at
weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1180)
I tested the data source connection on the weblogic servers and it is successful.
The data source is defined in a properties file that is being accessed because the datasource name is correct. The webserver URL is also correct.
This is the init() method:
public void init(ServletConfig config) throws ServletException
{
super.init(config);
Context jndiContext = null;
Hashtable ht = new Hashtable();
try
{
PropertyManager.getInstance(PROPS_FILE);
PropertyManager.getInstance();
ht.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
ht.put(Context.PROVIDER_URL, PropertyManager.getProperty("WL_WEBSERVER_URL"));
jndiContext = new InitialContext(ht);
ds = (javax.sql.DataSource) jndiContext.lookup(PropertyManager.getProperty("SEC_DATASOURCE"));
}
}
I don't understand why it does not recognize the subcontext of jdbc.
I tried removing jdbc. But the error is a NameNotFoundException without jdbc.
UPDATE
I tried changing the data source name to java:jdbc/scantDS. I received a different NameNotFoundException:
". javax.naming.NameNotFoundException: While
trying to look up /jdbc/scantDS in /app/webapp/Load/421643657.;
remaining name '/jdbc/scantDS' at
weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1180)
The problem was that I was trying to deploy using the wrong port number. I was using the port number that the console application was using and I needed a specific port that has the JNDI.
I manage to perform a STARTTLS ldapmodify ( -ZZ) of an attribute, but fail to perform the same modification using javax.naming.ldap coding
The server is OpenLDAP. It has SSigned SSL Certificate for modification, and unsecured reading is allowed. Classical combination.
I run the following command from the same server on which I will try to execute the Java code (later):
ldapmodify -H ldap://my.ldap.server:389 -D "myldapadmin" -W -ZZ
Enter LDAP Password:
dn: CN=John Westood,OU=L100,DC=l,DC=woods
changetype: modify
replace: uPwd
uPwd:: 234WF34TG2U
modifying entry "CN=John Westood,OU=L100,DC=l,DC=woods"
... as you can see, it asks me for myldapadmin's password, I enter it, and the modification happens.
Here is what I am doing from Java, I want to do the same modification, I am running it on the same server. I have imported the SSigned LDAP SSL certificate into java first.
Hashtable<String, Object> env = new Hashtable<String, Object>();
env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://my.ldap.server:389");
// Create initial context
LdapContext ctx = new InitialLdapContext(env, null);
ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, "myldapadmin");
ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, "myadminpass");
// Start TLS (STARTTLS is also used by the console command ldapmodify)
StartTlsResponse tls = (StartTlsResponse) ctx.extendedOperation(new
StartTlsRequest());
SSLSession sess = tls.negotiate();
//Modification of 'uPwd' attribute
ModificationItem[] mods = new ModificationItem[1];
Attribute mod0 = new BasicAttribute("uPwd", "4G45G435G436UJWG");
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, mod0);
ctx.modifyAttributes("CN=John Westood,OU=L100,DC=l,DC=woods", mods);
// Stop TLS
tls.close();
// Context close
ctx.close();
I get exception in method ctx.modifyAttributes. The Exception is the following:
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A12D2, problem 5003 (WILL_NOT_PERFORM), data 0
Anybody have idea why modify uPwd works with STARTLS from commandline, but not from Java ?
Appears you are trying to change perhaps a password against Microsoft Active Directory (Even though you show openLDAP)
(I have no idea what uPwd could be.)
Changing Microsoft Active Directory Passwords has several constraints.
Once you are confident you have an acceptable connection to Microsoft Active Directory, We have an example for Changing Microsoft Active Directory Password with JNDI
FYI: By default startTLS would use 389.
I have wrote Java Client application (bean for Oracle form) to access the data through "jdbcdatasource" created on Weblogic 12c. It works fine when I am running on desktop, but when I am embedding on oracle forms as a bean, it gives following error:
java.lang.ClassNotFoundException: weblogic.jdbc.common.internal.RmiDataSource_12210_WLStub
java bean is an executable jar file includes all the dependency jar file, and it is executed independently by double click.
Here is a code:
Context ctx = null;
Hashtable ht = new Hashtable();
ht.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
ht.put(Context.PROVIDER_URL, "t3:" + url + ":7001");
if(sUser != null && sPwd != null){
ht.put(Context.SECURITY_PRINCIPAL, sUser);
ht.put(Context.SECURITY_CREDENTIALS, sPwd);
}
ctx = new InitialContext(ht);
System.out.println("!!! WebLogic Server Connection Done!");
javax.sql.DataSource ds = (javax.sql.DataSource) ctx.lookup("myDatasource");
java.sql.Connection conn = ds.getConnection();
System.out.println("!!! DataSource Connection Done!");
In the environment of Oracle forms it connect to the weblogic server but could not access the data source by displaying above error.
Any suggestion?
Just to make things clear to me.
When you say :
"to access the data through "jdbcdatasource" created on Weblogic 12c."
and you code shows:
"javax.sql.DataSource ds = (javax.sql.DataSource) ctx.lookup("myDatasource");"
The lookup parameter value shouldn't be exactly like "jdbcdatasource" instead of "myDataSource' as you stated before or it was just to explain your situation ?
I have created the data source in Websphere server and its name is myDataSource(JNDI name is oracleDS). Now I want to access it through the stand alone application.
I just wrote the bellow code to access the data sorce.
Hashtable<String, String> pdEnv = new Hashtable<String, String>();
pdEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
pdEnv.put(Context.PROVIDER_URL, "iiop://localhost:2809");
Context initialContext = new InitialContext(pdEnv);
DataSource dataSource = (DataSource) initialContext
.lookup("java:comp/env/jdbc/oracleDS");
But when I run the application I am getting the bellow exception.
Aug 6, 2013 11:33:41 PM null null
SEVERE: javaAccessorNotSet
javax.naming.ConfigurationException: Name space accessor for the java: name space has not been set. Possible cause is that the user is specifying a java: URL name in a JNDI Context method call but is not running in a J2EE client or server environment.
Please let me know do I have to do any configuration changes in websphere to access the data source or any other code level changes do I have to do?
Please confirm me can we access the datasource from outside of the container(websphere)?
Update1:
I followd the way which PhilipJ mentioned. Then I am gtting the bellow exception.
SEVERE: Cannot get connection: javax.naming.NameNotFoundException: Context: LTC-VIRTUS-24WZNode01Cell/nodes/LTC-VIRTUS-24WZNode01/servers/server1, name: jdbc/oracleDS: First component in name oracleDS not found. [Root exception is org.omg.CosNaming.NamingContextPackage.NotFound: IDL:omg.org/CosNaming/NamingContext/NotFound:1.0]
javax.naming.NameNotFoundException: Context: LTC-VIRTUS-24WZNode01Cell/nodes/LTC-VIRTUS-24WZNode01/servers/server1, name: jdbc/oracleDS: First component in name oracleDS not found. [Root exception is org.omg.CosNaming.NamingContextPackage.NotFound: IDL:omg.org/CosNaming/NamingContext/NotFound:1.0]
at com.ibm.ws.naming.jndicos.CNContextImpl.mapNotFoundException(CNContextImpl.java:4365)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1794)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1749)
at com.ibm.ws.naming.jndicos.CNContextImpl.lookupExt(CNContextImpl.java:1500)
at com.ibm.ws.naming.jndicos.CNContextImpl.lookup(CNContextImpl.java:637)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:165)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:179)
at javax.naming.InitialContext.lookup(InitialContext.java:436)
at com.nyl.connection.ConnectionUtil.getConnection(ConnectionUtil.java:38)
at com.nyl.main.Main.main(Main.java:9)
Caused by: org.omg.CosNaming.NamingContextPackage.NotFound: IDL:omg.org/CosNaming/NamingContext/NotFound:1.0
at org.omg.CosNaming.NamingContextPackage.NotFoundHelper.read(NotFoundHelper.java:95)
at com.ibm.WsnOptimizedNaming._NamingContextStub.resolve_complete_info(_NamingContextStub.java:506)
at com.ibm.ws.naming.jndicos.CNContextImpl$2.run(CNContextImpl.java:2797)
at com.ibm.ws.naming.jndicos.CNContextImpl$2.run(CNContextImpl.java:2793)
at com.ibm.ws.naming.util.CommonHelpers.retry(CommonHelpers.java:763)
at com.ibm.ws.naming.jndicos.CNContextImpl.cosResolve(CNContextImpl.java:2791)
at com.ibm.ws.naming.jndicos.CNContextImpl.doLookup(CNContextImpl.java:1790)
... 8 more
Update2:
I found the way to avoid the exception. The code should be bellow,
Hashtable<String, String> pdEnv = new Hashtable<String, String>();
pdEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
pdEnv.put(Context.PROVIDER_URL, "iiop://localhost:2809");
Context initialContext = new InitialContext();
DataSource datasource = (DataSource) initialContext.lookup("oracleDS");
if (datasource != null) {
connection = datasource.getConnection("admin","admin");
} else {
LOGGER.info("Failed to lookup datasource.");
}
But the problem here is I am giving the database credintials to creat the connection. I don't want to give it. Can any one please let me know how to create the connection without giving the database credintials?
I found the solution for this issue.
When we creat the InitialContext we have to set two environment variables correctly as bellow,
Hashtable<String, String> pdEnv = new Hashtable<String, String>();
pdEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
pdEnv.put(Context.PROVIDER_URL, "iiop://localhost:2810");
Context initialContext = new InitialContext(pdEnv);
Note:
We can find the listening port of iiop protocol by using the bellow way,
Login to Webaphere admin console => Server => Server Types => Webspher application servers => Click on the name of the server which we use => Communication => Ports.
Then you can find the port for Port name BOOTSTRAP_ADDRESS.
Working code to create the connection using the datasource
Hashtable<String, String> pdEnv = new Hashtable<String, String>();
pdEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
pdEnv.put(Context.PROVIDER_URL, "iiop://localhost:2810");
Context initialContext = new InitialContext(pdEnv);
DataSource datasource = (DataSource) initialContext.lookup("testDS");
if (datasource != null) {
connection = datasource.getConnection("admin","admin"); // DB credintials
} else {
LOGGER.info("Failed to lookup datasource.");
}
Note: I created the data source in websphere(Version 7) and the JNDI name is testDS
and we have to add com.ibm.ws.ejb.thinclient_7.0.0.jar jar in the class path.
Thanks Sean F and PhilipJ for your support regarding this issue.
DataSource dataSource = (DataSource) initialContext
.lookup("jdbc/oracleDS");
try this way.
look here
I have the following code:
Hashtable env1 = new Hashtable();
env1.put(javax.naming.Context.INITIAL_CONTEXT_FACTORY,"com.ibm.websphere.naming.WsnInitialContextFactory");
log.info("Executed step 1");
env1.put(javax.naming.Context.PROVIDER_URL, "iiop://myhost.com:9301");
log.info("Executed step 2");
Context ctx = new InitialContext(env1);
DataSource ds = (DataSource)ctx.lookup("jdbc/mydatasource");
log.info("Excecuted lookup ="+ds);
conn = ds.getConnection();
I have the previous code in an standalone application that is connecting to WAS 6.1.0.3 in order to retrieve a connection from the datasource. The code is very straighforward, and I have seen the same code working in a different environment, but in this case when I call getConnection I get an exception. The datasource is WAS has the proper authentication alias set and when the connection is tested it works OK from the WAS side, but the previous code won't work.
If I change this line: conn = ds.getConnection();
to this: conn = ds.getConnection("username","password");
Then the code will work! But that's not what I want since the connections in the datasource should already have the credentials set. I was initially thinking this was a Sybase problem, but it's also happening with Oracle, so would rather say I have a problem with WAS.
If you are curious about the exceptions, for Sybase I get:
java.sql.SQLException: JZ004: User name property missing in DriverManager.getConnection(..., Properties).DSRA0010E: SQL State = JZ004, Error Code = 0
at com.sybase.jdbc2.jdbc.ErrorMessage.raiseError(ErrorMessage.java:569)
at com.sybase.jdbc2.tds.LoginToken.<init>(LoginToken.java:128)
at com.sybase.jdbc2.tds.Tds.doLogin(Tds.java:506)
at com.sybase.jdbc2.tds.Tds.login(Tds.java:449)
at com.sybase.jdbc2.jdbc.SybConnection.tryLogin(SybConnection.java:254)
at com.sybase.jdbc2.jdbc.SybConnection.regularConnect(SybConnection.java:230)
at com.sybase.jdbc2.jdbc.SybConnection.<init>(SybConnection.java:200)
at com.sybase.jdbc2.jdbc.SybPooledConnection.<init>(SybPooledConnection.java:72)
at com.sybase.jdbc2.jdbc.SybConnectionPoolDataSource.createConnection(SybConnectionPoolDataSource.java:138)
at com.sybase.jdbc2.jdbc.SybDriver.connect(SybDriver.java:485)
at com.sybase.jdbc2.jdbc.SybDriver.connect(SybDriver.java:517)
at com.sybase.jdbc2.jdbc.SybDataSource.getConnection(SybDataSource.java:227)
at com.sybase.jdbc2.jdbc.SybConnectionPoolDataSource.getPooledConnection(SybConnectionPoolDataSource.java:74)
at com.ibm.ws.rsadapter.spi.InternalGenericDataStoreHelper$1.run(InternalGenericDataStoreHelper.java:897)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
at com.ibm.ws.rsadapter.spi.InternalGenericDataStoreHelper.getPooledConnection(InternalGenericDataStoreHelper.java:892)
at com.ibm.ws.rsadapter.spi.WSRdbDataSource.getPooledConnection(WSRdbDataSource.java:1181)
at com.ibm.ws.rsadapter.spi.WSManagedConnectionFactoryImpl.createManagedConnection(WSManagedConnectionFactoryImpl.java:1047)
at com.ibm.ws.rsadapter.spi.WSDefaultConnectionManagerImpl.allocateConnection(WSDefaultConnectionManagerImpl.java:81)
at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:431)
at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:400)
And for Oracle I get this one:
java.sql.SQLException: invalid arguments in callDSRA0010E: SQL State = null, Error Code = 17,433
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:146)
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:208)
at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:236)
at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:420)
at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:165)
at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:35)
at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:801)
at oracle.jdbc.pool.OracleDataSource.getPhysicalConnection(OracleDataSource.java:297)
at oracle.jdbc.pool.OracleDataSource.getConnection(OracleDataSource.java:221)
at oracle.jdbc.pool.OracleConnectionPoolDataSource.getPhysicalConnection(OracleConnectionPoolDataSource.java:157)
at oracle.jdbc.pool.OracleConnectionPoolDataSource.getPooledConnection(OracleConnectionPoolDataSource.java:94)
at oracle.jdbc.pool.OracleConnectionPoolDataSource.getPooledConnection(OracleConnectionPoolDataSource.java:75)
at com.ibm.ws.rsadapter.spi.InternalGenericDataStoreHelper$1.run(InternalGenericDataStoreHelper.java:897)
at com.ibm.ws.security.util.AccessController.doPrivileged(AccessController.java:118)
at com.ibm.ws.rsadapter.spi.InternalGenericDataStoreHelper.getPooledConnection(InternalGenericDataStoreHelper.java:892)
at com.ibm.ws.rsadapter.spi.WSRdbDataSource.getPooledConnection(WSRdbDataSource.java:1181)
at com.ibm.ws.rsadapter.spi.WSManagedConnectionFactoryImpl.createManagedConnection(WSManagedConnectionFactoryImpl.java:1047)
at com.ibm.ws.rsadapter.spi.WSDefaultConnectionManagerImpl.allocateConnection(WSDefaultConnectionManagerImpl.java:81)
at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:431)
at com.ibm.ws.rsadapter.jdbc.WSJdbcDataSource.getConnection(WSJdbcDataSource.java:400)
In both cases I won't the exception if I pass the credentials to the getConnection method
Thanks for your advice.
Short answer: external clients don't get to use the authentication alias data
Longer Answer:
From the WAS J2C connection factory documentation:
The alias that you configure for component-managed authentication does not apply to all clients that must access the secured resource. External Java clients with Java Naming and Directory Interface (JNDI) access can look up a Java 2 Connector (J2C) resource such as a data source or Java Message Service (JMS) queue. However, they are not permitted to take advantage of the component-managed authentication alias defined on the resource. This alias is the default value that is used when the getConnection() method does not specify any authentication data, like user and password, or a value for ConnectionSpec. If an external client needs to get a connection, it must assume responsibility for the authentication by passing it through arguments on the getConnection() call.
It's been a long time since I've done anything with WebSFEAR^H^H^H^Hphere, but it looks to me that you have a configuration problem. There was a special screen where you'd create credentials (user/pass) and later you'd apply those credentials to the created data source. It looks like that your configured data source hasn't got credentials applied.
Even after defining the user/password values as custom properties I found that the connections for Oracle weren't working. After many days, I just found that the development server is running an old WAS 6.1 version, the problem I'm having was fixed in WAS 6.1.0.5: PK32838: J2CA0046E WHEN USING USING CUSTOM PROP PASSWORD ON DATASOURECE
I tried my code in a different WAS server with an updated WAS fix pack level and... it worked without introducing a single change in the code or in the configuration. So the solution is to upgrade the WAS server.
Thanks.