Hi Camel Users,

I hope someone can get LDAPS working with Camel.

I'm using Camel 2.23.2 and the camel-ldap component to try to get all objects under a specific OU from a Microsoft AD. This works fine with LDAP; however, if I want to use LDAPS I get into trouble and get:

    ERROR s.l.i.CamelConfig.initialDirContext: Throw ex:
    -----------------
    simple bind failed: <server_name>:636
    javax.naming.CommunicationException: simple bind failed: <server_name>:636 [Root exception is java.net.SocketException: Connection or outbound has closed]
    -----------------
    2021-01-29 13:10:03,453 [Camel (MyCamelContext) thread #1 - timer://LDAP-Timer] ERROR o.a.c.p.DefaultErrorHandler.log: Failed delivery for (MessageId: ID-bamse-1611922198416-0-2 on ExchangeId: ID-bamse-1611922198416-0-1). Exhausted after delivery attempt: 1 caught: java.lang.NullPointerException

I have followed the guide at https://camel.apache.org/components/2.x/ldap-component.html and read the Camel in Action book about adding SSL to components, i.e. "14.4 Transport security" and "14.4.1 Defining global SSL configuration".

Below is my code for CamelConfig, and the CustomSocketFactory is exactly as it's done in https://camel.apache.org/components/2.x/ldap-component.html

As I mentioned, the config and routes work fine without LDAPS. The key and trust store contains the server cert, and I can see that the MS-AD replies with the server cert that is in my truststore.

I have tried everything :) I hope someone can help me to figure out what's wrong.

Best regards
/Daniel

------------------------------------

    private InitialDirContext ldapServer;
    private final Hashtable<String, String> environment;

    @Bean
    public SSLContextParameters sslContextParameters() {
        KeyStoreParameters ksp = new KeyStoreParameters();
        ksp.setResource("keystore.jks");
        ksp.setPassword("apassword");

        KeyManagersParameters kmp = new KeyManagersParameters();
        kmp.setKeyStore(ksp);
        kmp.setKeyPassword("apassword");

        KeyStoreParameters tsp = new KeyStoreParameters();
        tsp.setResource("truststore.jks");
        tsp.setPassword("apassword");

        TrustManagersParameters tmp = new TrustManagersParameters();
        tmp.setKeyStore(tsp);

        SSLContextParameters scp = new SSLContextParameters();
        scp.setKeyManagers(kmp);
        scp.setTrustManagers(tmp);
        return scp;
    }

    @Bean(name = "customSocketFactory")
    public CustomSocketFactory customSocketFactory() {
        CustomSocketFactory customSocketFactory = new CustomSocketFactory(sslContextParameters());
        return customSocketFactory;
    }

    @Bean(name = "ldapServer")
    @Scope("prototype")
    public InitialDirContext initialDirContext() {
        environment.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        environment.put(Context.PROVIDER_URL, ldapUrl);
        environment.put(Context.URL_PKG_PREFIXES, "com.sun.jndi.url");
        environment.put(Context.REFERRAL, "ignore");
        //Simple authentication consists of sending the LDAP server the fully qualified DN
        //of the client (user) and the client's clear-text password.
        environment.put(Context.SECURITY_AUTHENTICATION, "simple");
        //SECURITY_PROTOCOL can be ignored if using ldaps:// as a scheme.
        //environment.put(Context.SECURITY_PROTOCOL,"ssl");
        //Set to the fully qualified DN of the entity that is being authenticated.
        environment.put(Context.SECURITY_PRINCIPAL, "cn=<my_cn>");
        //Set to the password of the principal.
        environment.put(Context.SECURITY_CREDENTIALS, ldapPasswd);
        try {
            ldapServer = new InitialDirContext(environment);
            ldapServer.addToEnvironment("java.naming.ldap.factory.socket","customSocketFactory");
        } catch (NamingException ex) {
            LOG.error("Throw ex: \n-----------------\n" + ex.getMessage() +"\n"+ ex.getExplanation() +"\n"+ ex.toString()+"\n-----------------");
        }
        return ldapServer;
    }
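
An added example, not part of the message above and not code from the Camel documentation: the JNDI LDAP provider reads "java.naming.ldap.factory.socket" as a fully qualified class name, calls that class's static getDefault(), and connects and binds inside the InitialDirContext constructor, so the sketch below puts the property into the environment before the context is built. The class name TrustStoreSocketFactory, the ldap.truststore.password system property and loading truststore.jks from the working directory are assumptions made for illustration.

```java
import java.io.*;
import java.net.*;
import java.nio.file.*;
import java.security.KeyStore;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.directory.InitialDirContext;
import javax.net.SocketFactory;
import javax.net.ssl.*;

// Hypothetical class: JNDI loads it by name and calls the static getDefault().
public class TrustStoreSocketFactory extends SocketFactory {
    private final SocketFactory delegate;

    private TrustStoreSocketFactory() throws Exception {
        KeyStore ts = KeyStore.getInstance("JKS");
        // Assumed location and password source for the trust store.
        try (InputStream in = Files.newInputStream(Paths.get("truststore.jks"))) {
            ts.load(in, System.getProperty("ldap.truststore.password", "").toCharArray());
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ts);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null); // server authentication only, no client key
        delegate = ctx.getSocketFactory();
    }

    public static SocketFactory getDefault() {
        try { return new TrustStoreSocketFactory(); }
        catch (Exception e) { throw new IllegalStateException("cannot build LDAPS socket factory", e); }
    }

    @Override public Socket createSocket() throws IOException { return delegate.createSocket(); }
    @Override public Socket createSocket(String h, int p) throws IOException { return delegate.createSocket(h, p); }
    @Override public Socket createSocket(String h, int p, InetAddress l, int lp) throws IOException { return delegate.createSocket(h, p, l, lp); }
    @Override public Socket createSocket(InetAddress h, int p) throws IOException { return delegate.createSocket(h, p); }
    @Override public Socket createSocket(InetAddress h, int p, InetAddress l, int lp) throws IOException { return delegate.createSocket(h, p, l, lp); }

    // Every property, the socket factory included, is set before the context is constructed.
    public static InitialDirContext connect(String url, String dn, String pw) throws Exception {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url); // e.g. ldaps://<server_name>:636
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, pw);
        env.put("java.naming.ldap.factory.socket", TrustStoreSocketFactory.class.getName());
        return new InitialDirContext(env);
    }
}
```

Running the JVM with -Djavax.net.debug=ssl:handshake prints the TLS handshake, which shows whether the connection is closed before or after the server certificate is validated.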