在Java中使用LDAPConnection和端口636

Question

我试图让应用程序的LDAP连接使用安全端口636而不是389。下面的代码对于端口389非常好，但是抛出了一个异常，389被修改为636。

线程"main“LDAPException(resultCode=81 (resultCode=81 down) )中的异常，errorMessage=‘在等待对绑定请求的响应时关闭了到服务器nlbldap.company_name.co.uk:636的连接--在试图从服务器读取响应时出现I/O错误: SocketException(message='Connection’，trace='read(SocketInputStream.java:186) / read(SocketInputStream.java:140) / fill(BufferedInputStream.java:252) / read(BufferedInputStream.java:271) / read(ASN1StreamReader.java:992) / readType(ASN1StreamReader.java:329) / beginSequence(ASN1StreamReader.java:912) / readLDAPResponseFrom(LDAPMessage.java:1146) / run(LDAPConnectionReader.java:251)'，com.unboundid.ldap.sdk.SimpleBindRequest.handleResponse(SimpleBindRequest.java:723) at com.unboundid.ldap.sdk.SimpleBindRequest.process(SimpleBindRequest.java:575) at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:2154) at com.unboundid.ldap.sdk.LDAPConnection.(LDAPConnection.java:670) at com.unboundid.ldap.sdk.LDAPConnection.(LDAPConnection.java:563) at LdapsMain1.LdapSoton.connect(LdapSoton.java：39) LdapsMain1.Main.main(Main.java:26)

package mywork.classes;

import java.util.List;
import com.unboundid.ldap.sdk.Filter;
import com.unboundid.ldap.sdk.LDAPConnection;
import com.unboundid.ldap.sdk.LDAPException;
import com.unboundid.ldap.sdk.LDAPSearchException;
import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;

public class Ldapcompany_name {

    static boolean connect(String username, String password) throws LDAPException 
    {                
        String baseDN = "ou=user,dc=company_name,dc=co,dc=uk";
        String filter = "(&(cn="+username+")(objectClass=user))";
        boolean hasRights = false;
        LDAPConnection connection = new LDAPConnection("nlbldap.company_name.co.uk", 389, username+"@company_name.co.uk", password);
        List<SearchResultEntry> results = getResults(connection, baseDN, filter);
        String msg = "results.size() = " + results.size();
        for(SearchResultEntry entry : results)
        {
            for(String v : entry.getAttributeValues("memberof")) 
            {
                if(v.contains("ISSWA-SIS-Web"))
                {
                    hasRights = true;
                }
            }
        }
        return hasRights;
    }
    private static List<SearchResultEntry> getResults(LDAPConnection connection, String baseDN, String filter) throws LDAPSearchException, LDAPException 
    {
        SearchResult searchResult;
        Filter filter2 = Filter.createEqualityFilter("ou", "*");
        SearchRequest searchRequest2 =  new SearchRequest("dc=company_name,dc=co,dc=uk", SearchScope.SUB, filter,"cn", "mail","memberOf");
        if (connection.isConnected()) 
        {
            searchResult = connection.search(searchRequest2);
            for (SearchResultEntry entry : searchResult.getSearchEntries())
            {
                  String name = entry.getAttributeValue("cn");
                  Object mail = entry.getAttributeValues("memberOf");
                  System.out.println(name + " " + mail);
            }
            return searchResult.getSearchEntries();
        }
        return null;
    }
}

这是堆栈跟踪

Exception in thread "main" LDAPException(resultCode=81 (server down), errorMessage='The connection to server nlbldap.company_name.co.uk:636 was closed while waiting for a response to a bind request SimpleBindRequest(dn='jdoe@company_name.co.uk'):  An I/O error occurred while trying to read the response from the server:  SocketException(message='Connection reset', trace='read(SocketInputStream.java:186) / read(SocketInputStream.java:140) / fill(BufferedInputStream.java:252) / read(BufferedInputStream.java:271) / read(ASN1StreamReader.java:992) / readType(ASN1StreamReader.java:329) / beginSequence(ASN1StreamReader.java:912) / readLDAPResponseFrom(LDAPMessage.java:1146) / run(LDAPConnectionReader.java:251)', revision=24950)')
    at com.unboundid.ldap.sdk.SimpleBindRequest.handleResponse(SimpleBindRequest.java:723)
    at com.unboundid.ldap.sdk.SimpleBindRequest.process(SimpleBindRequest.java:575)
    at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:2154)
    at com.unboundid.ldap.sdk.LDAPConnection.<init>(LDAPConnection.java:670)
    at com.unboundid.ldap.sdk.LDAPConnection.<init>(LDAPConnection.java:563)
    at LdapsMain1.LdapSoton.connect(LdapSoton.java:39)
    at LdapsMain1.Main.main(Main.java:26)

Answer 1

添加以下代码允许该函数使用端口636

SSLUtil sslUtil = new SSLUtil(null, new TrustAllTrustManager());
SSLSocketFactory socketFactory = sslUtil.createSSLSocketFactory();
LDAPConnection connection = new LDAPConnection(socketFactory, "nlbldap.company_name.com", 636);

Answer 2

如果不知道LDAP结果代码，就很难确定。

但我想您并没有向连接对象提供任何TLS参数。

查看此示例源代码：https://bitbucket.org/jwilleke/examples/src/master/Examples-JNDI/src/com/willeke/samples/ldap/jndi/ADConnection.java?at=master