java - Tomcat 8 - LDAP: NameNotFoundException error code 32, remaining name empty string


Trying to migrate an application from WebLogic 12.2.1 to Tomcat 8.5.4: what under WebLogic was an entry under Foreign JNDI Providers for an LDAP connection has been migrated to a new Resource under Tomcat.

Following this advice on Stack Overflow, a custom LdapContextFactory has been packaged as a new jar file under the Tomcat lib folder.

In the Tomcat server.xml file the following GlobalNamingResources/Resource has been configured:

    <Resource name="ldapconnection"
              auth="Container"
              type="javax.naming.ldap.LdapContext"
              factory="com.sample.custom.LdapContextFactory"
              singleton="false"
              java.naming.referral="follow"
              java.naming.factory.initial="com.sun.jndi.ldap.LdapCtxFactory"
              java.naming.provider.url="ldap://some.host:389"
              java.naming.security.authentication="simple"
              java.naming.security.principal="cn=some,ou=some,ou=some,dc=some,dc=a,dc=b"
              java.naming.security.credentials="password"
              com.sun.jndi.ldap.connect.pool="true"
              com.sun.jndi.ldap.connect.pool.maxsize="10"
              com.sun.jndi.ldap.connect.pool.prefsize="4"
              com.sun.jndi.ldap.connect.pool.timeout="30000" />

The connection above works fine when browsing the LDAP directory via an LDAP browser like Apache Directory Studio / LDAP Browser embedded in Eclipse.

The custom com.sample.custom.LdapContextFactory is quite simple:

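    import java.util.Enumeration;
    import java.util.Hashtable;

    import javax.naming.Context;
    import javax.naming.Name;
    import javax.naming.RefAddr;
    import javax.naming.Reference;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.spi.ObjectFactory;

    public class LdapContextFactory implements ObjectFactory {

        public Object getObjectInstance(Object obj, Name name, Context nameCtx, Hashtable<?, ?> environment)
                throws Exception {

            Hashtable<Object, Object> env = new Hashtable<>();
            Reference reference = (Reference) obj;
            Enumeration<RefAddr> references = reference.getAll();

            // Copy every attribute of the <Resource> element into the JNDI environment
            while (references.hasMoreElements()) {
                RefAddr address = references.nextElement();
                String type = address.getType();
                String content = (String) address.getContent();
                env.put(type, content);
            }
            return new InitialLdapContext(env, null);
        }
    }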

However, at start-up Tomcat is throwing the following exception:

    07-Sep-2016 15:04:01.064 SEVERE [main] org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans Exception processing Global JNDI Resources
     javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001E5, problem 2001 (NO_OBJECT), data 0, best match of:
        ''
     ]; remaining name ''
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3160)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
        at com.sun.jndi.ldap.LdapCtx.c_listBindings(LdapCtx.java:1189)
        at com.sun.jndi.toolkit.ctx.ComponentContext.p_listBindings(ComponentContext.java:592)
        at com.sun.jndi.toolkit.ctx.PartialCompositeContext.listBindings(PartialCompositeContext.java:330)
        at com.sun.jndi.toolkit.ctx.PartialCompositeContext.listBindings(PartialCompositeContext.java:317)
        at javax.naming.InitialContext.listBindings(InitialContext.java:472)
        at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:136)
        at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:145)
        at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBeans(GlobalResourcesLifecycleListener.java:110)
        at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.lifecycleEvent(GlobalResourcesLifecycleListener.java:82)
        at org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:94)
        at org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:401)
        at org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:345)
        at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:784)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:152)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:655)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:497)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:355)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:495)

Similar questions and investigations suggest an invalid LDAP DN, but:

  • the same LDAP configuration works fine via an LDAP client
  • no search is performed: at start-up time Tomcat throws the exception without any query
  • the error suggests an empty string '' as remaining name, hence not something that was not found, apparently

Question(s): What is the correct way to migrate a Foreign JNDI Providers entry from WebLogic to Tomcat? How to fix an invalid LDAP DN entry with an empty remaining name? Is there a missing base DN to configure somewhere?


Update
The same exact error happens when changing the LdapContextFactory to the following, as suggested via comments:

    // Replaces getObjectInstance in the factory above; `logger` is a field of the
    // enclosing class whose declaration is not shown in the post.
    public Object getObjectInstance(Object obj, Name name, Context nameCtx, Hashtable<?, ?> environment)
            throws Exception {

        Hashtable<Object, Object> env = new Hashtable<>();
        Reference reference = (Reference) obj;
        Enumeration<RefAddr> references = reference.getAll();

        String providerUrl = "no valid url";

        while (references.hasMoreElements()) {
            RefAddr address = references.nextElement();
            String type = address.getType();
            String content = (String) address.getContent();

            switch (type) {
            case Context.PROVIDER_URL:
                env.put(Context.PROVIDER_URL, content);
                providerUrl = content;
                break;

            default:
                env.put(type, content);
                break;
            }
        }

        InitialLdapContext context = null;
        Object result = null;
        try {
            context = new InitialLdapContext(env, null);

            logger.info("looking " + providerUrl);
            result = context.lookup(providerUrl);
        } finally {
            // Always release the temporary context, even when the lookup fails
            if (context != null) {
                context.close();
            }
        }
        logger.info("created new ldap context");
        return result;
    }

The change was confirmed via logging, to make sure it was deployed properly.

The involved listener is defined by default at the top of the server.xml file as

    <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

and cannot be disabled, as per the official documentation:

The Global Resources Lifecycle Listener initializes the Global JNDI resources defined in server.xml as part of the Global Resources element. Without this listener, none of the Global Resources will be available.


The same happens on Tomcat versions 8.5.5 and 7.0.69: after adding the new global resource above and the additional jar providing the factory above, the exception pointing at an empty remaining name is thrown.

The stacktrace went away by appending to the java.naming.provider.url property the LDAP schema DN, using the first factory implementation provided in the question.

Below is a screenshot of the LDAP client used in this context, Apache Directory Studio / LDAP Browser embedded in Eclipse, from which it was possible to browse the concerned LDAP using the initial values of the question.

[Screenshot of the LDAP client]

By appending the schema DN of the root element to the connection URL, the exception went away and the LDAP resource is now shared via JNDI in Tomcat 8.


Further details as outcome of the troubleshooting:

In Tomcat 8 global resources are handled via a global resource listener, the GlobalResourcesLifecycleListener, defined by default in the server.xml file. Such a listener invokes context.listBindings("") on bean creation, hence browsing the LDAP directory.

This initial browsing may be the difference between Tomcat and WebLogic, where LDAP is looked up via JNDI when required, hence via a direct query, rather than at start-up with a generic query. As such, in Tomcat the LDAP URL would need further details, that is, a different configuration as part of its URL to directly point to a valid base DN.

From the official WebLogic documentation:

On start up, WebLogic Server attempts to connect to the JNDI source. If the connection is successful, WebLogic Server sets up the requested objects and links in the local JNDI tree, making them available to WebLogic Server clients.

Hence, a connection is rather simpler than a listBindings:

Enumerates the names bound in the named context, along with the objects bound to them. The contents of any subcontexts are not included.
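
As an added example (not part of the original post and not Tomcat code), here is an offline pre-flight check that a custom factory could run on its environment before creating the InitialLdapContext. It reports a provider URL without a base DN, which is the condition fixed above, and goes slightly further by also flagging a simple bind over an unencrypted ldap:// URL, as in the Resource from the question. The class name LdapEnvPreflight, the method findings, the ldaps sample URL and the base DN dc=some,dc=a,dc=b (taken from the dc components of the principal in the question) are assumptions.

```java
import java.net.URI;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import javax.naming.Context;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

// Added example, not from the original post: offline check of a JNDI LDAP environment.
public class LdapEnvPreflight {
    static List<String> findings(Hashtable<?, ?> env) {
        List<String> out = new ArrayList<>();
        Object urls = env.get(Context.PROVIDER_URL);
        if (!(urls instanceof String)) {
            out.add(Context.PROVIDER_URL + " is not set");
            return out;
        }
        boolean simple = "simple".equalsIgnoreCase(String.valueOf(env.get(Context.SECURITY_AUTHENTICATION)));
        boolean ssl = "ssl".equalsIgnoreCase(String.valueOf(env.get(Context.SECURITY_PROTOCOL)));
        // The provider URL may be a space-separated failover list: check every entry.
        for (String url : ((String) urls).trim().split("\\s+")) {
            URI uri = URI.create(url); // throws IllegalArgumentException on a malformed URL
            String path = uri.getPath(); // "/dc=..." when the URL carries a base DN
            if (path == null || path.length() < 2) {
                out.add(url + ": no base DN, listBindings(\"\") targets the root of the server");
            } else {
                try {
                    new LdapName(path.substring(1)); // syntax check only, no network access
                } catch (InvalidNameException e) {
                    out.add(url + ": malformed base DN");
                }
            }
            if (simple && !ssl && "ldap".equalsIgnoreCase(uri.getScheme())) {
                out.add(url + ": simple bind over ldap:// sends the password unencrypted");
            }
        }
        return out;
    }

    public static void main(String[] args) {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        // Constructed samples: the URL from the question, then one with an assumed base DN.
        for (String url : new String[] {"ldap://some.host:389", "ldaps://some.host:636/dc=some,dc=a,dc=b"}) {
            env.put(Context.PROVIDER_URL, url);
            System.out.println(url + " -> " + findings(env));
        }
    }
}
```

Calling findings(env) from getObjectInstance and logging the result before the context is created makes the missing base DN visible at start-up, ahead of the listener's listBindings("") call.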

