directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nikola Goran Čutura" <ngcut...@gmail.com>
Subject Re: Storing and searching X.509 certificates
Date Fri, 18 Aug 2006 16:13:21 GMT
I tried with the link Emmanuel gave (thanks!) but it did not help. Behaviour
is the same, with or without explicit attribute declaration.

Attached is a zip archive with two log files (with-binary.log and
no-binary.log).

Case 1:

Java statement:
        NamingEnumeration results =
ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com",
"userCertificate = {0}", new Object[] {cert}, constraints);

produces log as in file 'no-binary.log'

Case 2:

Java statement:
        NamingEnumeration results =
ctx.search("ou=users,o=ActiveMQ,dc=example,dc=com",
"userCertificate;binary = {0}", new Object[] {cert}, constraints);

produces log as in file 'with-binary.log'


I hope this is helpful.

Regards,
NGC


On 8/18/06, Alex Karasulu <aok123@bellsouth.net> wrote:
>
> Hmmmm if you turn logging on to debug in your log4j.properties you'll
> get a stack trace returned to you from the server.  I could use this to
> see what is actually the problem.
>
> Alex
>
>
> Emmanuel Lecharny wrote:
> > Well, I found a very interesting message on google group that could help
> > you :
> >
> >
> http://groups.google.fr/group/comp.lang.java.programmer/browse_thread/thread/2cd78003c51f2560/e1b81def3fcb6396?lnk=st&q=Binary+LDAP+Encoding+from+JNDI&rnum=2&hl=fr#e1b81def3fcb6396
> > <
> http://groups.google.fr/group/comp.lang.java.programmer/browse_thread/thread/2cd78003c51f2560/e1b81def3fcb6396?lnk=st&q=Binary+LDAP+Encoding+from+JNDI&rnum=2&hl=fr#e1b81def3fcb6396
> >
> >
> > Can you check if it helps, and if so, give us some feedback?
> >
> > It seems to be a very common problem.
> >
> > Emmanuel
> >
> > On 8/18/06, *Nikola Goran Čutura* <ngcutura@gmail.com
> > <mailto:ngcutura@gmail.com>> wrote:
> >
> >     Hi,
> >
> >     I am using ApacheDS 1.0-RC3, running as a Windows service with
> >     default supplied configuration ( service.xml). Using JXplorer, I
> >     added an X.509 certificate and I am able to view that certificate
> >     using JXplorer again. However, when I want to search for the entries
> >     containing this certificate, my searches fail.
> >
> >     Here are the code snippets that fail:
> >
> >             CertificateFactory cf = CertificateFactory.getInstance("
> X.509");
> >             X509Certificate cert = (X509Certificate)
> >     cf.generateCertificate(new FileInputStream(" test-cert.der"));
> >             SearchControls constraints = new SearchControls();
> >             constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
> >             NamingEnumeration results =
> >     ctx.search("ou=users,o=myorg,dc=example,dc=com",
> >     "userCertificate;binary= {0}", new Object[] {cert}, constraints);
> >             // results are empty but one entry is expected
> >
> >     If I omit ';binary' in attribute name, I get exception:
> >
> >             CertificateFactory cf = CertificateFactory.getInstance("
> X.509");
> >             X509Certificate cert = (X509Certificate)
> >     cf.generateCertificate(new FileInputStream("test-cert.der"));
> >             SearchControls constraints = new SearchControls();
> >             constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
> >             NamingEnumeration results =
> >     ctx.search("ou=users,o=myorg,dc=example,dc=com", "userCertificate=
> >     {0}", new Object[] {cert}, constraints);
> >             // the last line thows exception:
> >     javax.naming.NamingException: [LDAP: error code 54 - failed on
> >     search operation]; remaining name
> >     'ou=users,o=ActiveMQ,dc=example,dc=com'
> >
> >
> >     Please advise me of the proper way to resolve this problem.
> >
> >     Regards,
> >     NGC
> >
> >
> >
> >
> >
> > --
> > Cordialement,
> > Emmanuel Lécharny
>
>
Mime
View raw message