"Unable to find valid certification path to requested target" in a GlassFish web service application

lma*_*nge 2 java security ldap glassfish

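I have developed a Java application that creates user accounts on a Windows DC using LDAPS. It works fine after importing the self-signed certificate from the Windows server into my local keystore.

Now I have created a web service running on GlassFish 4.0 that uses the same code to create the accounts.

The problem is that the web service now gives me an error that I got initially, but which I had resolved by importing the certificate into my local keystore (certificates).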

Severe:   javax.naming.CommunicationException: simple bind failed: 196.220.119.21:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2788)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at engine.CreateStudent.<init>(CreateStudent.java:89)
at service.Create.createAccount(Create.java:28)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at org.glassfish.webservices.InstanceResolverImpl$1.invoke(InstanceResolverImpl.java:143)
at com.sun.xml.ws.server.InvokerTube$2.invoke(InvokerTube.java:149)
at com.sun.xml.ws.server.sei.SEIInvokerTube.processRequest(SEIInvokerTube.java:88)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:136)
at org.glassfish.webservices.MonitoringPipe.process(MonitoringPipe.java:142)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:136)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:210)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:142)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:420)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:687)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:266)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:169)
at org.glassfish.webservices.JAXWSServlet.doPost(JAXWSServlet.java:169)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1682)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:318)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:160)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:734)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:673)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:99)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:174)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:357)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:260)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:188)
at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191)
at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168)
at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189)
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136)
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114)
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77)
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838)
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55)
at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564)
at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544)
at java.lang.Thread.run(Thread.java:745)

Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1917)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:301)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:295)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1369)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:156)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:925)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:860)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1043)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1343)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:728)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426)
at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399)
at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
... 72 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1351)
... 85 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:145)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
... 91 more
Info: java.lang.NullPointerException

I even tried importing the certificate into cacerts.jks and keystore.jks in the C:\Program Files\glassfish-4.0\glassfish\domains\domain1\config folder, but to no avail.

I have also tried setting the keystore location in code using System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jdk1.8.0_05\\jre\\lib\\security\\cacerts"); System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

Still no joy.

Is there anything important I am missing? By the way, I have both the x32 and x64 bit JDK on my Windows 8 machine.

lma*_*nge 6

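The reason my application could not see my certificate is that I should have set it up in GlassFish.

The server's master password needs to be configured for the GlassFish Server domain in order to access the keystore and truststore used to initiate secure communications using the SMTPS transport protocol.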

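  1. Open the GlassFish Server Administration Console in a web browser at http://localhost:4848.
  2. Expand "Configurations", then expand "server-config", then click "JVM Settings".
  3. Click the "JVM Options" tab, then click "Add JVM Option" and enter -Djavax.net.ssl.keyStorePassword=master-password, replacing master-password with the keystore master password. The default master password is changeit.
  4. Click "Add JVM Option" and enter -Djavax.net.ssl.trustStorePassword=master-password, replacing master-password with the truststore master password. The default master password is changeit.
  5. Click "Save", then restart GlassFish Server.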
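
An added diagnostic, not part of the original question or answer: it prints which trust store the running JVM is configured to use and checks whether a given certificate file is in it, which shows whether the import went into the store that the server JVM actually reads. The class name TrustStoreCheck and the optional certificate-file argument are assumptions made for this example.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;

// Added example. Run it with the same -Djavax.net.ssl.* options as the server JVM.
public class TrustStoreCheck {

    // Path the default JSSE trust manager loads: the system property if set,
    // otherwise <java.home>/lib/security/jssecacerts, then .../cacerts.
    static String effectiveTrustStore() {
        String p = System.getProperty("javax.net.ssl.trustStore");
        if (p != null) return p;
        String dir = System.getProperty("java.home") + File.separator + "lib"
                   + File.separator + "security" + File.separator;
        return new File(dir + "jssecacerts").exists() ? dir + "jssecacerts" : dir + "cacerts";
    }

    static KeyStore load(String path, char[] password) throws Exception {
        String type = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, password); // a null password skips the JKS integrity check
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        String path = effectiveTrustStore();
        String pw = System.getProperty("javax.net.ssl.trustStorePassword");
        System.out.println("trustStore         = " + path);
        System.out.println("trustStorePassword = " + (pw == null ? "(not set)" : "(set)"));
        KeyStore ks = load(path, pw == null ? null : pw.toCharArray());
        System.out.println("entries            = " + ks.size());
        if (args.length == 1) { // optional: certificate exported from the LDAPS server (DER or PEM)
            try (InputStream in = new FileInputStream(args[0])) {
                Certificate c = CertificateFactory.getInstance("X.509").generateCertificate(in);
                String alias = ks.getCertificateAlias(c);
                System.out.println(alias == null ? "certificate NOT in this trust store"
                                                 : "certificate trusted under alias: " + alias);
            }
        }
    }
}
```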