Skip to Content

Accessing LDAP in a custom JAAS login module

Hi,

I have developed a custom jaas login module in CE 7.1. I created a java dc which contains a class extending AbstractLoginModule. This DC is deployed on to the server using an EAR DC. I am trying to access LDAP in the custom login module. I am trying to establish an SSL connection to LDAP. For this purpose i have created a custom socket factory class which extends SSLSocketFactory. I used the code below to establish the connection.

		Hashtable<String,String> env=new Hashtable<String,String>();
		DirContext dirContext=null;
		env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
		env.put(Context.PROVIDER_URL,ldapURL);
                env.put(Context.SECURITY_PROTOCOL,"ssl");
                env.put("java.naming.ldap.factory.socket", "com.test.ldap.MySSLSocketFactory");
                dirContext=new InitialDirContext(env);

MySSLSocketFactory is the name of custom socket factory.

During a login process, the above code results in error because the connection to LDAP server could not be established. However the same code when executed in a webdynpro DC is working without any problem. What could be the reason for this?

This is the error i could see in defaultTrace

javax.naming.CommunicationException: js24.na.domain.net:636 [Root exception is java.lang.ClassNotFoundException: com.test.ldap.MySSLSocketFactory

-


Loader Info -


ClassLoader name: [service:security]

Living status: alive

Direct parent loaders:

[system:Frame]

[library:j2eeca]

[service:timeout]

[service:com.sap.security.core.ume.service]

[service:adminadapter]

Resources:

/usr/sap/SV3/J10/j2ee/cluster/bin/services/security/lib/private/sap.comtcjesecurityimpl.jar

-


]

at com.sun.jndi.ldap.Connection.<init>(Connection.java:205)

at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)

at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1579)

at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2681)

at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:299)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)

at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)

at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)

at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)

at com.sap.engine.system.naming.provider.DefaultInitialContext.<init>(DefaultInitialContext.java:45)

at com.sap.engine.system.naming.provider.DefaultInitialContextFactory.getInitialContext(DefaultInitialContextFactory.java:41)

at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)

at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)

at javax.naming.InitialContext.init(InitialContext.java:223)

at javax.naming.InitialContext.<init>(InitialContext.java:197)

at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Apr 05, 2011 at 06:38 PM

    Hi,

    I used an EJB to perform the LDAP search and called the EJB from the login module. It is working as expected.

    Regards,

    Shabeer

    Add comment
    10|10000 characters needed characters exceeded