-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 To whom it may concern,
(Marked as OT since this is a JVM issue, not a Tomcat issue). On 7/9/2009 11:01 AM, nitingautam wrote: > In my web application i am using ldap authentication. I am using tomcat 5.5 > with jdk 1.4. From some days when I try to login it throw the following > error and rest of the time it works fine. What can be the issue... [snip] > Caused by: java.security.NoSuchAlgorithmException: No implementation for > AES/CBC/NoPadding found > at com.sun.net.ssl.internal.ssl.SunJSSE_i.d(Unknown Source) > at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(Unknown Source) Looks like your JVM doesn't have this cipher, which is weird if it only happens some times. What is your exact JVM version? You might want to upgrade, as things like this tend to get fixed. 1.4 is nearly dead. Try running this code: String providerName = null; Provider providers[]; if(null != args && 0 < args.length) { providers = new Provider[args.length]; for(int i = 0; i < args.length; i++) providers[i] = Security.getProvider(args[i]); } else { providers = Security.getProviders(); } for(int i = 0; i < providers.length; i++) { Provider p = providers[i]; System.out.println("Provider: " + p); System.out.println("==============================="); System.out.println("provider properties:"); ArrayList keys = new ArrayList(p.keySet()); Collections.sort(keys); String key; for(Iterator j = keys.iterator(); j.hasNext(); System.out.println(key + "=" + p.get(key))) key = (String)j.next(); System.out.println("-------------------------------"); } This will tell you all the crypto providers, ciphers, etc. that are supported by your JVM. I ran this against my own JVM: $ java -version java version "1.6.0_13" Java(TM) SE Runtime Environment (build 1.6.0_13-b03) Java HotSpot(TM) Client VM (build 11.3-b02, mixed mode, sharing) $ java GetProviderInfo | grep AES Alg.Alias.AlgorithmParameters.Rijndael=AES Alg.Alias.Cipher.Rijndael=AES Alg.Alias.KeyGenerator.Rijndael=AES AlgorithmParameters.AES=com.sun.crypto.provider.AESParameters Cipher.AES=com.sun.crypto.provider.AESCipher Cipher.AES SupportedKeyFormats=RAW Cipher.AES SupportedModes=ECB|CBC|PCBC|CTR|CTS|CFB|OFB|CFB8|CFB16|CFB24|CFB32|CFB40|CFB48|CFB56|CFB64|OFB8|OFB16|OFB24|OFB32|OFB40|OFB48|OFB56|OFB64|CFB72|CFB80|CFB88|CFB96|CFB104|CFB112|CFB120|CFB128|OFB72|OFB80|OFB88|OFB96|OFB104|OFB112|OFB120|OFB128 Cipher.AES SupportedPaddings=NOPADDING|PKCS5PADDING|ISO10126PADDING Cipher.AESWrap=com.sun.crypto.provider.AESWrapCipher Cipher.AESWrap SupportedKeyFormats=RAW Cipher.AESWrap SupportedModes=ECB Cipher.AESWrap SupportedPaddings=NOPADDING KeyGenerator.AES=com.sun.crypto.provider.AESKeyGenerator Provider.id info=SunJCE Provider (implements RSA, DES, Triple DES, AES, Blowfish, ARCFOUR, RC2, PBE, Diffie-Hellman, HMAC) You can see in there that AES supports the CBC mode as well as the NOPADDING padding (though I didn't actually try to create an AES/CBC/NOPADDING cipher just to make sure). I wonder if your JVM is broken? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpbREMACgkQ9CaO5/Lv0PAGbwCcDDILqRAT8aIFNl06Lbj7ZmjF Ur8AnjLGY9QtHl1v7MgdcASjcxduAKGw =7ff9 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org