libldap openldap setting option fails for simple SSL connection - c

I am using OpenLDAP (libldap) on Linux for building a simple SSL connection client.
I get the following error:
ldap_set_option(pLdap, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_NEVER)
returns -1. Has anyone else seen this problem?
I am initializing ldap with
ldap_initialize (&pLdap,"ldaps://localhost:10636");
Please, do not redirect me to MSDN site for using wldap32.lib with
ldap_set_option(pLdapConnection, LDAP_OPT_SERVER_CERTIFICATE, &VerifyCert);
and a callback function. That works, but only on Windows.
Furthermore, I can't change the server configuration.

Pass the parameter in an enclosing value, not as the value itself.
int invalue = LDAP_OPT_X_TLS_NEVER;
/* The third argument is a pointer to the option value. */
int err = ldap_set_option(0, LDAP_OPT_X_TLS_REQUIRE_CERT, &invalue);
Note that we can use 0 for the LDAP handle because this option is for all connections.

Related

Using LDAP template to find certificate

Our organization stores signing certificates in Active Directory. We are using anonymous bind to search for them at a base DN (e.g. OU=MY ORG,dc=mydc,dc=org). I have been trying to use the Spring LdapTemplate to look them up, but no matter what method I use, I get the cryptic InterruptedNamingException.
Assuming a cert subject of cn=mycert.myorg.com
My code looks like this
LdapContextSource contextSource = new LdapContextSource();
contextSource.setUrl(String.format(LDAP_URL_FORMAT, ldapCertStoreParameters.getServerName(),
ldapCertStoreParameters.getPort()));
contextSource.setBase(ldapCertStoreParameters.getBaseDn());
contextSource.setAnonymousReadOnly(true);
contextSource.afterPropertiesSet();
LdapTemplate ldapTemplate = new LdapTemplate(contextSource);
ldapTemplate.setIgnorePartialResultException(true);
ldapTemplate.afterPropertiesSet();
X500Principal principal = x509CertSelector.getSubject();
Object obj = ldapTemplate.lookup(new LdapName(principal.getName()));
The X500 principal's name is the whole dn. cn=mycert.myorg.com,OU=MY ORG,dc=mydc,dc=org
I have also tried the search using just the cn.
We have verified that the DN exists on the server using Apache Directory Studio.
• I would suggest that you remove the call altogether or set the ‘userSearchBase’ to an empty String (“”), as per the example given in the community thread below:
Configure Spring security for Ldap connection
As in the ‘AbstractContextSource’, set the base suffix from which all operations should origin. If a base suffix is set, you will not have to (and, indeed, must not) specify the full distinguished names in any operations performed. Since you specified the full DN for the userDN/filter, you must not specify the base.
AD servers are apparently unable to handle referrals automatically, which causes a ‘PartialResultException’ to be thrown whenever a referral is encountered in a search. To avoid this, set the ‘ignorePartialResultException’ property to true. There is currently no way of manually handling these referrals in the form of ‘ReferralException’, i.e., either you get the exception (and your results are lost) or all referrals are ignored (if the server is unable to handle them properly). Neither is there any simple way to get notified that a ‘PartialResultException’ has been ignored.
For more details regarding the LDAP template search for Active Directory stored certificates, kindly refer to the link below:
https://docs.spring.io/spring-ldap/docs/current/apidocs/org/springframework/ldap/core/LdapTemplate.html
• Also, please try to refer to the documentation below for configuring the Spring Boot LDAP template through certificates stored in Active Directory:
https://www.baeldung.com/x-509-authentication-in-spring-security

G-WAN persist request data in handler

Solution:
int session = (int)get_env(argv, SESSION_ID); to get identifier unique to connection
US_VHOST_DATA (vhost) or US_HANDLER_DATA (listener) or US_SERVER_DATA (server) for data persistent > current connection
Missing pieces:
either persistent data for connection only
or some way to execute code when current connection is closed by client (econnreset etc.) or server (e.g. kalive_tmo reached)
This should be solvable as soon as a new HDL_BEFORE_CLOSE state for handlers is added, which makes this question answered for me.
Original Question:
Is it possible in a G-WAN handler to store information persistent to a request/connection (don't really know if "request" applies here)?
To better illustrate what I mean, this is what I got now:
Client (browser, javascript) sends websocket handshake
Handler starts, gets into:
HDL_AFTER_ACCEPT - here I call gc_init for US_REQUEST_DATA, and get no error
HDL_AFTER_READ - here I check for US_REQUEST_DATA which is not yet set, so I do websocket handshake and gc_malloc + set US_REQUEST_DATA, increase KALIVE_TMO, and then return 2 to send data
Client sees websocket connection as being established, so I (manually triggered some seconds afterwards) send a message
Handler goes to HDL_AFTER_READ again, BUT US_REQUEST_DATA is not set
What I've also tried:
returning 1 instead of 2 in HDL_AFTER_READ -> client gets 404 and handshake does not work
At the moment I'm only using US_REQUEST_DATA to identify if websocket connection is already established and next incoming data should be in websocket message format, so if there is a different (maybe better?) solution, I'm open to that as well of course.
Thanks!
Edit: Added clarification about request/connection
I am not sure why US_REQUEST_DATA does not seem to keep your allocated block of memory.
Can you try the persistence.c example to see if it works as expected for you?
Other than G-WAN persistent pointers, you can use OS services like the Linux shared memory API, etc.
But the G-WAN API should work fine once you copy & paste the example above.
Other values have different scopes:
US_VHOST_DATA (scope:vhost)
US_HANDLER_DATA (scope:listener)
US_SERVER_DATA (scope:server)
Use the session ID below which is unique to each CONNECTION:
int session = (int)get_env(argv, SESSION_ID);

D3 Connection issue using mvsp java api

I am trying to connect to D3 Database with MVSP java api. So far:
I have downloaded the mvapi.jar
added it in project lib folder
written the sample code for connection inside main method
String url = "jdbc:mv:d3:hostname:portNo";
Properties props = new Properties();
props.setProperty("username", "");
props.setProperty("password", "");
String account = "AGCO";
String password = "";
MVConnection connection = null;
try {
// Getting error at this point
connection = new MVConnection(url,props);
MVStatement mvStatement = connection.createStatement();
connection.logTo(account,password);
MVResultSet results = mvStatement.executeQuery(query);
}
com.tigr.mvapi.exceptions.MVException: server error with errorCode 1023.
I checked the console but I'm not able to figure out the actual cause or whether I am entering the wrong username, password.
Please suggest what I am doing wrong.
First, you have to set a breakpoint or trace which function is throwing the errors. Then check the routes (FileName). You probably have much more experience than I do, but keep in mind that giving the full route ("account,filename," where the last comma is important) is never a bad idea, keeps you safer, and is mandatory if the filename is in a different account than the one you are logged in to.
And like always please verify these things:
You have enough licenses. Try to close any terminal you have opened for testing your queries. Yes, you know it is true: one connection, one license. Sometimes MVSP lets you have two under the same IP, but check this.
MVSP service is running. See Pick D3 documentation.
Your USER and ACCOUNT are both ENABLED for access in the MVSP server; otherwise you won't be able to access these files or log in with the user through the API. See the documentation to enable them in the MVSP.Menu account.
I hope this helps.

Matlab database connection: Undefined function or method 'fetch' for input arguments of type 'struct'

I have a strange error that comes up when my database connection is established: it throws this error when executing e=fetch(e): Undefined function or method 'fetch' for input arguments of type 'struct'. I am calling another function to manipulate the extracted data:
function loadlib(Pin,con_sem)
load(Pin,con_sem);
end
But now when I run the connection command in a separate m-file like this:
clear;
con_sem = database('OptProgramSemiLib','root','*********');
% here it gives the message in debug mode: 'invalid or closed connection'
e=exec(con_sem,['SELECT * FROM Cond WHERE Type LIKE ''MO'' ']);
e=fetch(e);
e.Data
close(con_sem);
then it doesn't give me this error. I also had this problem when I tried accessing the database from another account (with administrator rights).
Any suggestions, please? Where am I going wrong?
You cannot load a connection object. Once you close the connection or the MATLAB session after you established the connection, the connection to the database is lost. You have to connect to the database again.
Better to save an m-file with a script or function to establish the connection. You can always check if the connection object is valid with the ISCONNECTION function.
Also see my answer and a follow-up comment to another similar question.

Windows Phone 7 Silverlight Service References CommunicationException: "Server returned an error: Not Found"

I am developing an application for Windows Phone 7. I am trying to use services which are provided by the web site I am trying to get information from. I am using an asynchronous request. So if I try to get information from a web site without any authentication I use this code:
EventSrv.EventSrvSoapClient client = new EventSrv.EventSrvSoapClient();
client.GetAppointmentsAsync();
client.GetAppointmentsCompleted += new EventHandler<EventSrv.GetAppointmentsCompletedEventArgs>(events_completed);
and it works fine. But as soon as I want to use a service from a web site which requires authentication I get a
CommunicationException: _innerException:"Server returned an error: Not Found"
at
public L2P.DocumentsService.GetDocumentsResponse EndGetDocuments(System.IAsyncResult result)
{
object[] _args = new object[0];
//Between this line
L2P.DocumentsService.GetDocumentsResponse _result = ((L2P.DocumentsService.GetDocumentsResponse)(base.EndInvoke("GetDocuments", _args, result)));
//and this line
return _result;
}
I am passing the credentials the following way:
DocumentsService.BaseServiceSoapClient docClient = new DocumentsService.BaseServiceSoapClient();
docClient.ClientCredentials.UserName.UserName = Variables.username;
docClient.ClientCredentials.UserName.Password = Variables.password;
docClient.GetDocumentsCompleted += new EventHandler<DocumentsService.GetDocumentsCompletedEventArgs>(getDocumentsCompleted);
docClient.GetDocumentsAsync();
It actually doesn't matter if I pass the credentials or not, I get the same exception. I don't really know what the problem is, maybe it has nothing to do with the authentication. I've read all the articles here on CommunicationException but they couldn't solve my problem.
Any help will be appreciated!
I've finally figured it out! The server uses Basic Authentication and the header is set to "POST" by default. So I needed to modify the Header, set it to "Basic" and add the credentials as well. Furthermore the
CommunicationException: "Server returned an error: Not Found"
always appears if there is any unhandled exception. So you need to debug and check the _innerException for more information.
