我按照Apache的LDAP客户端API用户指南连接到ApacheDS LDAPS服务器。但它不会连接。我尝试了一切。我能够连接到LDAP服务器。用户指南并不是很有用,因为它们省略了示例中使用的一些功能。我使用ApacheDS生成的证书。
import static org.junit.Assert.assertTrue;
import org.apache.directory.api.util.Network;
import org.apache.directory.ldap.client.api.LdapConnection;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
public class SecureP2P {
public static void main(String[] args) throws Exception {
LdapConnectionConfig sslConfig = new LdapConnectionConfig();
sslConfig.setLdapHost(Network.LOOPBACK_HOSTNAME);
sslConfig.setUseSsl(true);
sslConfig.setLdapPort(10636);
sslConfig.setSslProtocol("SSLv3");
sslConfig.setTrustManagers(new NoVerificationTrustManager());
try (LdapConnection connection = new LdapNetworkConnection(sslConfig)) {
connection.bind("uid=admin,ou=system", "secret");
assertTrue(((LdapNetworkConnection) connection).getConfig().isUseSsl());
assertTrue(connection.isAuthenticated());
}
}
}
以下是ApacheDS服务器日志文件中的错误:
WARN [org.apache.mina.util.DefaultExceptionMonitor] - Unexpected exception.
org.apache.mina.core.filterchain.IoFilterLifeCycleException: onPreAdd(): sslFilter:SslFilter in (0x00000007: nio socket, server, /192.168.1.249:65465 => /192.168.1.249:10636)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:383)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.addLast(DefaultIoFilterChain.java:189)
at org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder.buildFilterChain(DefaultIoFilterChainBuilder.java:496)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.addNow(AbstractPollingIoProcessor.java:504)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.handleNewSessions(AbstractPollingIoProcessor.java:479)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:68)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1088)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at sun.security.ssl.Handshaker.activate(Handshaker.java:503)
at sun.security.ssl.SSLEngineImpl.kickstartHandshake(SSLEngineImpl.java:729)
at sun.security.ssl.SSLEngineImpl.beginHandshake(SSLEngineImpl.java:756)
at org.apache.mina.filter.ssl.SslHandler.init(SslHandler.java:185)
at org.apache.mina.filter.ssl.SslFilter.onPreAdd(SslFilter.java:438)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:381)
... 10 more
运行客户端时出现错误消息:
Exception in thread "main" org.apache.directory.ldap.client.api.exception.InvalidConnectionException: An established connection was aborted by the software in your host machine
at org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:4190)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1314)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1212)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:127)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:112)
at edu.fau.SecureP2P.main(SecureP2P.java:22)