Details

      Description

      The LDAP SSL connection does not work any more. This is most likely regression from OPENICF-866

      Stack trace:

      SEVERE: OpenICF connector test of SystemIdentifier{ uri='system/ldap/'} failed!
      org.identityconnectors.framework.common.exceptions.ConnectionFailedException: javax.naming.CommunicationException: localhost:50001 [Root exception is java.net.SocketException: Unconnected sockets not implemented]
      	at org.identityconnectors.ldap.LdapConnection$AuthenticationResultType$3.propagate(LdapConnection.java:640)
      	at org.identityconnectors.ldap.LdapConnection$AuthenticationResult.propagate(LdapConnection.java:669)
      	at org.identityconnectors.ldap.LdapConnection.connect(LdapConnection.java:215)
      	at org.identityconnectors.ldap.LdapConnection.getInitialContext(LdapConnection.java:200)
      	at org.identityconnectors.ldap.LdapConnection.checkAlive(LdapConnection.java:421)
      	at org.identityconnectors.ldap.LdapConnector.checkAlive(LdapConnector.java:140)
      	at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:186)
      	at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:117)
      	at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:247)
      	at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:93)
      	at com.sun.proxy.$Proxy50.test(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
      	at com.sun.proxy.$Proxy50.test(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:98)
      	at com.sun.proxy.$Proxy50.test(Unknown Source)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.identityconnectors.framework.impl.api.local.LocalConnectorFacadeImpl$ReferenceCountingProxy.invoke(LocalConnectorFacadeImpl.java:304)
      	at com.sun.proxy.$Proxy50.test(Unknown Source)
      	at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.test(AbstractConnectorFacade.java:326)
      	at org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService.lambda$activate$0(OpenICFProvisionerService.java:287)
      	at org.forgerock.util.promise.PromiseImpl.lambda$thenOnResult$1(PromiseImpl.java:287)
      	at org.forgerock.util.promise.PromiseImpl.lambda$then$6(PromiseImpl.java:369)
      	at org.forgerock.util.promise.PromiseImpl.handleCompletion(PromiseImpl.java:531)
      	at org.forgerock.util.promise.PromiseImpl.addOrFireListener(PromiseImpl.java:519)
      	at org.forgerock.util.promise.PromiseImpl.then(PromiseImpl.java:365)
      	at org.forgerock.util.promise.PromiseImpl.then(PromiseImpl.java:356)
      	at org.forgerock.util.promise.PromiseImpl.then(PromiseImpl.java:338)
      	at org.forgerock.util.promise.PromiseImpl.thenOnResult(PromiseImpl.java:285)
      	at org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService.activate(OpenICFProvisionerService.java:245)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at org.apache.felix.scr.impl.inject.BaseMethod.invokeMethod(BaseMethod.java:224)
      	at org.apache.felix.scr.impl.inject.BaseMethod.access$500(BaseMethod.java:39)
      	at org.apache.felix.scr.impl.inject.BaseMethod$Resolved.invoke(BaseMethod.java:617)
      	at org.apache.felix.scr.impl.inject.BaseMethod.invoke(BaseMethod.java:501)
      	at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:302)
      	at org.apache.felix.scr.impl.inject.ActivateMethod.invoke(ActivateMethod.java:294)
      	at org.apache.felix.scr.impl.manager.SingleComponentManager.createImplementationObject(SingleComponentManager.java:297)
      	at org.apache.felix.scr.impl.manager.SingleComponentManager.createComponent(SingleComponentManager.java:108)
      	at org.apache.felix.scr.impl.manager.SingleComponentManager.getService(SingleComponentManager.java:906)
      	at org.apache.felix.scr.impl.manager.SingleComponentManager.getServiceInternal(SingleComponentManager.java:879)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:748)
      	at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:1012)
      	at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:968)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1215)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1136)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.trackAdding(ServiceTracker.java:945)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.track(ServiceTracker.java:881)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.serviceChanged(ServiceTracker.java:1167)
      	at org.apache.felix.scr.impl.BundleComponentActivator$ListenerInfo.serviceChanged(BundleComponentActivator.java:127)
      	at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:991)
      	at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:839)
      	at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:546)
      	at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4557)
      	at org.apache.felix.framework.Felix.registerService(Felix.java:3549)
      	at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:348)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:886)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:873)
      	at org.apache.felix.scr.impl.manager.RegistrationManager.changeRegistration(RegistrationManager.java:132)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:940)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:740)
      	at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:1012)
      	at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:968)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1215)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1136)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.trackAdding(ServiceTracker.java:945)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.track(ServiceTracker.java:881)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.serviceChanged(ServiceTracker.java:1167)
      	at org.apache.felix.scr.impl.BundleComponentActivator$ListenerInfo.serviceChanged(BundleComponentActivator.java:127)
      	at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:991)
      	at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:839)
      	at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:546)
      	at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4557)
      	at org.apache.felix.framework.Felix.registerService(Felix.java:3549)
      	at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:348)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:886)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:873)
      	at org.apache.felix.scr.impl.manager.RegistrationManager.changeRegistration(RegistrationManager.java:132)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:940)
      	at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:740)
      	at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:1012)
      	at org.apache.felix.scr.impl.manager.DependencyManager$SingleStaticCustomizer.addedService(DependencyManager.java:968)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1215)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.customizerAdded(ServiceTracker.java:1136)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.trackAdding(ServiceTracker.java:945)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$AbstractTracked.track(ServiceTracker.java:881)
      	at org.apache.felix.scr.impl.manager.ServiceTracker$Tracked.serviceChanged(ServiceTracker.java:1167)
      	at org.apache.felix.scr.impl.BundleComponentActivator$ListenerInfo.serviceChanged(BundleComponentActivator.java:127)
      	at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:991)
      	at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:839)
      	at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:546)
      	at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4557)
      	at org.apache.felix.framework.Felix.registerService(Felix.java:3549)
      	at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:348)
      	at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:355)
      	at org.forgerock.openidm.router.Activator.start(Activator.java:48)
      	at org.apache.felix.framework.util.SecureAction.startActivator(SecureAction.java:697)
      	at org.apache.felix.framework.Felix.activateBundle(Felix.java:2226)
      	at org.apache.felix.framework.Felix.startBundle(Felix.java:2144)
      	at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1371)
      	at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:308)
      	at java.lang.Thread.run(Thread.java:745)
      Caused by: javax.naming.CommunicationException: localhost:50001 [Root exception is java.net.SocketException: Unconnected sockets not implemented]
      	at com.sun.jndi.ldap.Connection.<init>(Connection.java:216)
      	at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
      	at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1614)
      	at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2746)
      	at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
      	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
      	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
      	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
      	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
      	at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
      	at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
      	at javax.naming.InitialContext.init(InitialContext.java:244)
      	at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
      	at org.identityconnectors.ldap.LdapConnection.createContext(LdapConnection.java:245)
      	at org.identityconnectors.ldap.LdapConnection.createContext(LdapConnection.java:236)
      	at org.identityconnectors.ldap.LdapConnection.connect(LdapConnection.java:211)
      	... 112 more
      Caused by: java.net.SocketException: Unconnected sockets not implemented
      	at javax.net.SocketFactory.createSocket(SocketFactory.java:125)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:498)
      	at com.sun.jndi.ldap.Connection.createSocket(Connection.java:303)
      	at com.sun.jndi.ldap.Connection.<init>(Connection.java:203)
      	... 127 more
      Caused by: java.lang.UnsupportedOperationException
      	at javax.net.SocketFactory.createSocket(SocketFactory.java:123)
      	... 133 more
      

      To reproduce:

      • Deploy IDM and DJ
      • Import DJ's cert to IDM truststore
        keytool -exportcert -keystore config/keystore -storepass `cat config/keystore.pin` -alias server-cert -file dj_cert.crt
        
        keytool -importcert -alias opendj-server-cert -file ../../../DJ/opendj/dj_cert.crt -keystore truststore -storepass changeit -trustcacerts
        
      • Connect IDM to DJ (for example use sync-with-ldap sample )
      • edit the provsioner
        "ssl" : true
        "port" : 1636
        
      • Try to query the ldap
        curl --header "Content-Type: application/json" --header "X-OpenIDM-Password: openidm-admin" --header "X-OpenIDM-Username: openidm-admin" --request POST "http://localhost:8080/openidm/system/ldap?_action=test"
        
        Response Content: 
        {
        	"name": "ldap",
        	"enabled": true,
        	"config": "config/provisioner.openicf/ldap",
        	"connectorRef": {
        		"bundleVersion": "1.4.8.0-SNAPSHOT",
        		"bundleName": "org.forgerock.openicf.connectors.ldap-connector",
        		"connectorName": "org.identityconnectors.ldap.LdapConnector"
        	},
        	"displayName": "LDAP Connector",
        	"objectTypes": ["__ALL__", "account", "group"],
        	"error": "javax.naming.CommunicationException: localhost:1636 [Root exception is java.net.SocketException: Unconnected sockets not implemented]",
        	"ok": false
        }
        

      To reproduce by automated test:

      Set in config.cfg:
      [LDAPConnector]
      version = 1.4.8.0-SNAPSHOT
      
      Run:
      ./run-pybot.py -s *.opendj.with_ssl -t get_on_system_user -n openidm
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                gael Gael Allioux
                Reporter:
                Ladislav.Folta Ladislav Folta
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: