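Environment: Server 2003, JDK 1.6, Eclipse, a test Java class.
Requirement: use the test Java class to connect to the AD domain server and create users with passwords, modify user information, and so on.
A digital certificate was installed on the domain server, following these steps:
http://ming228.blog.51cto.com/421298/104180/
The code is as follows: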
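import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;

public static LdapContext getContext() {
    // Truststore that the AD certificate was imported into with keytool
    String keystore = "C:/Java/jre6/lib/security/cacerts";
    System.out.println(keystore);
    System.setProperty("javax.net.ssl.trustStore", keystore);
    LdapContext ctx = null;
    Hashtable<String, String> env = new Hashtable<String, String>();
    env.put(Context.INITIAL_CONTEXT_FACTORY,
            "com.sun.jndi.ldap.LdapCtxFactory");
    // LDAPS port 636; SSL is switched on through SECURITY_PROTOCOL below
    env.put(Context.PROVIDER_URL, "ldap://ad1.zywycq.com:636");
    // Simple bind with the administrator DN and password
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL, "cn=administrator,cn=users,dc=ad1,dc=zywycq,dc=com");
    env.put(Context.SECURITY_CREDENTIALS, "123456");
    env.put(Context.SECURITY_PROTOCOL, "ssl");
    //env.put(Context.REFERRAL, "follow");
    try {
        ctx = new InitialLdapContext(env, null);
    } catch (NamingException e1) {
        // ctx stays null when the connection or bind fails
        e1.printStackTrace();
    }
    return ctx;
}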
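Before running, I accessed the domain server with IE, downloaded the certificate, and imported it into the keystore with keytool -import -trustcacerts -alias zy_domain -file D:/certnew.cer -keystore "C:/Java/jre6/lib/security/cacerts".
After running, the following error is reported: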
javax.naming.CommunicationException: simple bind failed: ad1.zywycq.com:636 [Root exception is javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake]
at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
at Test.getContext(Test.java:178)
at Test.addUser(Test.java:188)
at Test.main(Test.java:43)
Caused by: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
... 14 more
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at com.sun.net.ssl.internal.ssl.InputRecord.read(Unknown Source)
... 22 more
Exception in thread "main" java.lang.NullPointerException
at Test.addUser(Test.java:221)
at Test.main(Test.java:43)
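I have been stuck on this for a long time and have found many similar errors online, but still have not solved it.
Could everyone please take a look? It is fairly urgent. Thank you.
P.S. If I do not use SSL and change the port to 389, I can successfully create a user without a password.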
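
The stack trace above shows the handshake failing inside the first write of the bind request, so the bind DN and password were never evaluated. The following diagnostic is an added example, not part of the original post: it checks that the zy_domain alias is in the truststore and then performs only the TLS handshake against port 636. The class name LdapsHandshakeProbe is hypothetical, and the truststore password is assumed to be the JRE default, changeit.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Added diagnostic (hypothetical class): tests the TLS layer of LDAPS apart from the JNDI bind.
public class LdapsHandshakeProbe {
    public static void main(String[] args) throws Exception {
        String host = args.length > 0 ? args[0] : "ad1.zywycq.com";
        String store = args.length > 1 ? args[1] : "C:/Java/jre6/lib/security/cacerts";
        // Assumption: the truststore still has the JRE default password.
        char[] pass = (args.length > 2 ? args[2] : "changeit").toCharArray();

        // Step 1: confirm the imported certificate really is in this truststore.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        FileInputStream in = new FileInputStream(store);
        try { ks.load(in, pass); } finally { in.close(); }
        Certificate imported = ks.getCertificate("zy_domain");
        System.out.println("alias zy_domain present: " + (imported != null));
        if (imported instanceof X509Certificate) {
            System.out.println("  subject: " + ((X509Certificate) imported).getSubjectX500Principal());
        }

        // Step 2: handshake only, no LDAP traffic, trusting only that store.
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext sc = SSLContext.getInstance("TLS");
        sc.init(null, tmf.getTrustManagers(), null);
        SSLSocket s = (SSLSocket) sc.getSocketFactory().createSocket(host, 636);
        try {
            s.startHandshake(); // throws if the server aborts or the chain is untrusted
            System.out.println("handshake OK, cipher suite: " + s.getSession().getCipherSuite());
            for (Certificate c : s.getSession().getPeerCertificates()) {
                X509Certificate x = (X509Certificate) c;
                System.out.println("  server cert: " + x.getSubjectX500Principal()
                        + " issued by " + x.getIssuerX500Principal() + " until " + x.getNotAfter());
            }
        } catch (SSLException e) {
            // A server that closes the socket mid-handshake surfaces here, before any bind.
            System.out.println("handshake failed: " + e);
        } finally {
            s.close();
        }
    }
}
```

If step 2 fails with the same "Remote host closed connection during handshake", the fault lies in the TLS layer (the server's certificate or the truststore) and not in the LDAP credentials. Running it with -Djavax.net.debug=ssl,handshake prints the handshake messages exchanged before the close.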