Description of problem: When trying to use InitialDirContext.search(String name, String filter, SearchControls cons) method to search LDAP server, if the first "name" parameter includes url and port number, an javax.naming.InvalidNameException exception will be thrown. This issue only happens in EAP 6, same source code works fine in either EAP 5 or as standalone Java client. Version-Release number of selected component (if applicable): How reproducible: The source code snippet below can be used to reproduce this issue: ============================================================= Hashtable env = new Hashtable(); env.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory"); env.put("java.naming.security.authentication", "simple"); env.put("java.naming.ldap.version", "3"); env.put("java.naming.referral", "ignore"); env.put("java.naming.ldap.derefAliases", "never"); env.put("java.naming.provider.url", "ldap://192.168.0.1:389"); env.put("java.naming.factory.url.pkgs", "org.jboss.as.naming.interfaces:org.jboss.ejb.client.naming"); SearchControls ctl = null; String attrArr[] = new String[1]; attrArr[0] = "objectclass"; ctl = new SearchControls(2, 0L, 0, attrArr, false, false); String base = "ldap://192.168.0.1:389/dc=sample,dc=com"; String filter = "(uid=sample)"; NamingEnumeration nenum = null; DirContext ictx = null; try{ ictx = new InitialDirContext(env); nenum = ictx.search(base, filter, ctl); // <====== issue occurs on this line return "SUCCESS"; } catch(NamingException ne1){ ne1.printStackTrace(); } ============================================================= Actual results: Below exception will be thrown: 09:31:57,377 ERROR [stderr] (http-/192.168.0.2:8080-1) javax.naming.InvalidNameException: ldap:: [LDAP: error code 34 - Invalid DN Syntax]; remaining name 'ldap://192.168.0.1:389/dc=sample,dc=com' 09:31:57,377 ERROR [stderr] (http-/192.168.0.2:8080-1) at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) 09:31:57,378 ERROR [stderr] (http-/192.168.0.2:8080-1) at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source) 09:31:57,378 ERROR [stderr] (http-/192.168.0.2:8080-1) at com.sun.jndi.ldap.LdapCtx.c_lookup(Unknown Source) 09:31:57,378 ERROR [stderr] (http-/192.168.0.2:8080-1) at com.sun.jndi.toolkit.ctx.ComponentContext.c_resolveIntermediate_nns(Unknown Source) 09:31:57,378 ERROR [stderr] (http-/192.168.0.2:8080-1) at com.sun.jndi.toolkit.ctx.AtomicContext.c_resolveIntermediate_nns(Unknown Source) To workaround the issue: Change the line: String base = "ldap://192.168.0.1:389/dc=sample,dc=com"; To String base = "dc=sample,dc=com"; By removing url part, search() method will work with the name string. Expected results: NamingEnumeration object returned, even if using "ldap://192.168.0.1:389/dc=sample,dc=com" as name parameter. Additional info: From the official "The JNDI Tutorial", names with url should be supported. http://docs.oracle.com/javase/jndi/tutorial/ldap/misc/url.html
I don't mind taking a look, working on LDAP at the moment anyway and we have had other similar issues I believe in this area. Just one question - where is the affected code being executed? Is it deployed within a web app or somewhere else?
(In reply to Darran Lofthouse from comment #1) > I don't mind taking a look, working on LDAP at the moment anyway and we have > had other similar issues I believe in this area. > > Just one question - where is the affected code being executed? Is it > deployed within a web app or somewhere else? Hi, Darran: Thanks for looking into this. The customer is using a 3rd party software to authenticate against LDAP. This third party app is a wrapper for the Business Objects SDK (SAP). The call oringally starts from a REST webservice: Snippet how they call 3rd party software: ======================================================== @GET @Path("loginTokenFake") @Produces(MediaType.TEXT_PLAIN) public String getLoginTokenFake() { IEnterpriseSession eSession = null; ReportServiceImpl reportService = new ReportServiceImpl(); try { // HAVING problem here eSession = reportService.logon("admin", "xxxxxx"); // ...... // ...... return "BO Login Successful"; } catch (SDKException sdkEx){ LOGGER.error("Error logging into BO:",sdkEx); } return "BO Login Failed"; } ======================================================== Snippet in the 3rd party software, which calls BusinessObject method ======================================================== public IEnterpriseSession logon(String username, String password) throws SDKException{ ISessionMgr mySessionMgr; try { mySessionMgr = CrystalEnterprise.getSessionMgr(); return mySessionMgr.logon(username, password, getBOServer(), getBOAuthentication()); } catch (SDKException sdkEx){ throw sdkEx; } } ======================================================== The souce code I pasted in the case is the reproducer being used in customer's debug / testing.
Request for inclusion to EAP 6.3.0.
Darran Lofthouse <darran.lofthouse> made a comment on jira WFLY-2319 Adding the test project used to reproduce this.
Have you tried to use String base = "dc=sample,dc=com"; ? ldap:// names are to be used with no environment properties map, and the handling of such jndi names is mostly what we are fixing here, so proper names for LdapCtxFactory should work at the moment. Here is an example of proper usage on Oracle JNDI LDAP docs: http://docs.oracle.com/javase/jndi/tutorial/basics/directory/src/SearchRetAll.java
Brad Maxwell <bmaxwell> updated the status of jira JBEAP-32 to Closed
Josef Cacek <jcacek> updated the status of jira WFLY-2319 to Reopened
Verified on EAP 6.3.0.DR1.