我正在使用maven和eclipse juno为Tomcat 7开发一个自定义领域。
它看起来很像Implement a Tomcat Realm with LDAP authentication and JDBC authorization中描述的解决方案,其中包含:
当我尝试使用eclipse调试这个领域时,我不断碰到以下异常:
The type org.apache.tomcat.util.buf.ByteChunk cannot be resolved. It is indirectly referenced from required .class files
据我所知,这个类在$ TOMCAT_ROOT / lib / tomcat-coyote.jar中:
unzip -t /opt/apache-tomcat-7.0.32/lib/tomcat-coyote.jar | grep ByteChunk
testing: org/apache/tomcat/util/buf/ByteChunk$ByteInputChannel.class OK
testing: org/apache/tomcat/util/buf/ByteChunk$ByteOutputChannel.class OK
testing: org/apache/tomcat/util/buf/ByteChunk.class OK
项目非常简单,以这种方式配置了maven构建的jar:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>senrealm</artifactId>
<groupId>fr.senat</groupId>
<packaging>jar</packaging>
<version>0.1.0</version>
<name>Realm d'authentification</name>
<url></url>
<properties>
<maven.compiler.source>1.6</maven.compiler.source>
<maven.compiler.target>1.6</maven.compiler.target>
<tomcat.version>7.0.32</tomcat.version>
</properties>
<dependencies>
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-catalina</artifactId>
<version>${tomcat.version}</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-coyote</artifactId>
<version>${tomcat.version}</version>
</dependency>
</dependencies>
<build>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
<excludes>
<exclude>ldap.jks</exclude>
</excludes>
</resource>
<resource>
<directory>src/main/resources</directory>
<filtering>false</filtering>
<includes>
<include>ldap.jks</include>
</includes>
</resource>
</resources>
</build>
</project>
生成的jar放在$ TOMCAT_ROOT / lib。
中有什么想法吗?
补充:只有ldaps连接才会出现问题。使用非SSL ldap连接,一切都很好。
即使我在m中使用以下代码手动设置参数,也可以使用以下代码:
@Override
protected DirContext open() throws NamingException {
URL ts = getClass().getResource("/ldap.jks");
System.setProperty("javax.net.ssl.trustStore", ts.getFile());
Properties ldapProperties;
ldapProperties = new Properties();
ldapProperties.put(javax.naming.Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
ldapProperties.put(javax.naming.Context.PROVIDER_URL, "ldaps://ldap.senat.fr:636/dc=senat,dc=fr");
ldapProperties.put("com.sun.jndi.ldap.connect.pool","true");
ldapProperties.put(javax.naming.Context.SECURITY_AUTHENTICATION, "simple");
ldapProperties.put(javax.naming.Context.SECURITY_PROTOCOL, "ssl");
ldapProperties.put(javax.naming.Context.SECURITY_PRINCIPAL, "uid=batchges, ou=comptes, dc=senat, dc=fr");
ldapProperties.put(javax.naming.Context.SECURITY_CREDENTIALS, "xxxxx");
DirContext newDirContext = new InitialDirContext(ldapProperties);
return newDirContext;
}
...在InitialDirContext构造函数中发生奇怪的异常。
UPDATE:如果我将javax.net.ssl.trustStore属性设置为本地文件而不是jar中包含的文件,则可以正常工作。
所以:
@Override
protected DirContext open() throws NamingException {
System.setProperty("javax.net.ssl.trustStore", "/tmp/ldap.jks");
return super.open();
}
的工作原理。知道为什么吗?
答案 0 :(得分:1)
String tmpdir = System.getenv("CATALINA_TMPDIR");
if(tmpdir == null)
tmpdir = System.getenv("CATALINA_HOME") + "/temp";
final String tmpJKSfile = tmpdir + "/ldap.jks";
URL ts = getClass().getResource("/ldap.jks");
try {
InputStream in = new BufferedInputStream(ts.openStream());
OutputStream out = new BufferedOutputStream(new FileOutputStream(tmpJKSfile));
IOUtils.copy(in, out);
out.flush();
out.close();
in.close();
} catch (IOException eio) {
/* your logging */
}
System.setProperty(TrustStoreProperty, tmpJKSfile);