Return-Path: Delivered-To: apmail-directory-api-archive@minotaur.apache.org Received: (qmail 76425 invoked from network); 6 Sep 2010 13:38:24 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 6 Sep 2010 13:38:24 -0000 Received: (qmail 65911 invoked by uid 500); 6 Sep 2010 13:38:24 -0000 Delivered-To: apmail-directory-api-archive@directory.apache.org Received: (qmail 65877 invoked by uid 500); 6 Sep 2010 13:38:23 -0000 Mailing-List: contact api-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: api@directory.apache.org Delivered-To: mailing list api@directory.apache.org Received: (qmail 65867 invoked by uid 99); 6 Sep 2010 13:38:22 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Sep 2010 13:38:22 +0000 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS,T_TO_NO_BRKTS_FREEMAIL X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of ayyagarikiran@gmail.com designates 209.85.215.50 as permitted sender) Received: from [209.85.215.50] (HELO mail-ew0-f50.google.com) (209.85.215.50) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 06 Sep 2010 13:38:15 +0000 Received: by ewy24 with SMTP id 24so2467728ewy.37 for ; Mon, 06 Sep 2010 06:37:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:content-type:content-transfer-encoding; bh=Ppd9Sj9o2KkINf9h8A8ghr+HSlIzcCDzu51az7kEyL4=; b=n09eOf5mJrn35jfHMPvUdN93tpHPMu0RxP8yIOI7SkwIdnjERk0VYrSlScOmqZBfnV 6ZKvmobfT78cE/0pbyaM4Fudl+6pWpQnyjMCm99jGWULNDUpi4krneYDFvoY+G6UnPCk 4x72xyzqcwPnLTyVXrANoPOpbHjU/O7tClp9o= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; b=q1bLpGCDVDxmI3AQoYAcc6Rn5vamZTfvAmUA4lH07J1TQ5Q5id85dd2KHA+wpn7zLS cbQ+veJ43m7u6kFSHSYUX3Yv1DV4XHdmi9TZVJ1cr00p4RWJPL5B9Kku1dhVdG1Fsn/7 C1rQodqzNOzM+qJHQs8L18MYa7fVBileZVow4= MIME-Version: 1.0 Received: by 10.216.235.104 with SMTP id t82mr2725095weq.103.1283780273692; Mon, 06 Sep 2010 06:37:53 -0700 (PDT) Sender: ayyagarikiran@gmail.com Received: by 10.216.59.148 with HTTP; Mon, 6 Sep 2010 06:37:51 -0700 (PDT) In-Reply-To: <97F4356AEA71904482CD192135C038F96A3BC61F0B@BANPMAILBOX01.citrite.net> References: <97F4356AEA71904482CD192135C038F96A3BC61F0B@BANPMAILBOX01.citrite.net> Date: Mon, 6 Sep 2010 19:07:51 +0530 X-Google-Sender-Auth: G6cD1zTnD9QpILQeFXxDwSF7f8k Message-ID: Subject: Re: Using LDAPConnection class... From: Kiran Ayyagari To: api@directory.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Mon, Sep 6, 2010 at 6:51 PM, Arvind N wrote: > Hi, > =A0 Just downloaded the ldap client api version 0.1 and wrote sample prog= ram to > connect to a Active Directory seem to hit a weird problem. > The tutorial does not provide much info so thought of checking in the lis= t. > Do let me know if I have got the wrong list. > > The piece that is failing is > > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0LdapConnection connection = =3D new LdapConnection(svrIP, new Integer(svrPort)); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0BindRequest request =3D ne= w BindRequest(); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0request.setCredentials(pas= sword); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0request.setName("cn=3DArvi= nd N"); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0BindResponse resp =3D conn= ection.bind(request); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0LdapResult result =3D resp= .getLdapResult(); > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0System.out.println("the er= ror message is " + result.getErrorMessage()); > > For this I always get an error message > ** the error message is 80090308: LdapErr: DSID-0C090334, comment: Accept= SecurityContext error, data 525, vece ** > Googled quite a bit to not avail and to dig deeper hit ethereal. > Noticed that in the LDAP protocol extract, the bind request had something= like this > .... > DN: cn=3DArvind N > .. > > To cross verify if I had done anything wrong... > > I downloaded a java based LDAP browser JXplorer and provided the same inp= ut of > User DN of "Arvind N" and the same credentials and it logged in just fine > In this login ethereal trace noticed the below difference... and this see= ms to work always... > > .... > DN: Arvind N > ..... > > > Other then the above difference I did not notice any other difference in = the LDAP packet > between JXplorer(Which logged in just fine) and Apache LDAP Client API( f= ailed to login).... > Do let me know how can I make Apache LDAP client API to send DN: as plain= DN: Arvind N, > which I think should make the thing work just fine... client-api requires the user name in the form of a DN so 'Arvind N' cannot be used as it is not a valid DN. JXplorer must be doing some behind the scenes work to make it work with AD. Kiran Ayyagari