We Keep Coding

Java maill SSL peer shut down incorrectly

I'm working on an old Java 1.8 application which needs TLS to be configured for the mail sending part using java.mail-api of the javax-mail version 1.6.2. I added these properties to the properties map (pls notice the comment):
Properties smtpProps = System.getProperties();
smtpProps.put("mail.smtp.auth", config.getProperty("mail.smtpauth"));
smtpProps.put("mail.smtp.host", config.getProperty("mail.smtpserver"));
smtpProps.put("mail.smtp.port", config.getProperty("mail.smtpport"));
smtpProps.put("mail.transport.protocol", "smtp");
smtpProps.put("mail.smtp.connectiontimeout", config.getProperty("mail.timeout"));
smtpProps.put("mail.debug", config.getProperty("mail.debug"));
// Following block is new
smtpProps.put("mail.smtp.starttls.enable", config.getProperty("mail.starttls"));
smtpProps.put("mail.smtp.ssl.trust", config.getProperty("mail.ssltrust"));
smtpProps.put("mail.smtp.ssl.protocols", config.getProperty("mail.sslprotocols"));
smtpProps.put("mail.smtp.ssl.enable", config.getProperty("mail.ssl"));
Which will added to the session by overriding the PasswordAuthentication like this:
session = Session.getDefaultInstance(smtpProps,
new javax.mail.Authenticator() {
#Override
protected PasswordAuthentication getPasswordAuthentication() {
return new PasswordAuthentication(user, pwd);
}
});
At last, there are some couple of lines with the message itself and following block to send the mail:
Transport t = session.getTransport();
try {
if (!user.equals(""))
t.connect(user, pwd);
else
t.connect();
msg.saveChanges();
t.sendMessage(msg, msg.getAllRecipients());
} catch (MessagingException e) {
log.error("Error while sending the mail: " + e.getMessage());
throw e;
} finally {
t.close();
t = null;
}
Unfortunately, this doesn't work. I'm getting an error which looks like this:
Caused by: java.io.EOFException: SSL peer shut down incorrectly
This exception points to the t.connect(user,pwd); line but not with authentication failed or so.

how to create a new user jazn-data.xml programmatically?

I'm using JDeveloper 11g.
I want to create a new user programmatically in 'jazn-data.xml'. Is this possible and how can I do it?

public void createWeblogicUser() {
try {
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, "weblogic.jndi.WLInitialContextFactory");
env.put(Context.SECURITY_PRINCIPAL, "weblogic");
env.put(Context.SECURITY_CREDENTIALS, "welcome1");
env.put(Context.PROVIDER_URL, "t3://127.0.0.1:7101");
InitialContext ctx = new InitialContext(env);
MBeanServer wls = (MBeanServer) ctx.lookup("java:comp/env/jmx/runtime");
wls.invoke(new ObjectName(" Security:Name=myrealmDefaultAuthenticator")
, "createUser"
, new Object[] {"wls_user5555", "password123","User created programmatically."}
, new String[] {"java.lang.String", "java.lang.String","java.lang.String"}
);
ctx.close();
}
catch(Exception ex) {
ex.printStackTrace();
}
}

Yes, is possible.
Technically speaking, you do not create users in jazn-data.xml, this is just a file used at development time. At runtime, you create users in weblogic.
Please find below a link:
Creating WebLogic users programmatically from a standalone Java client

Simple LDAP SSO auth

I have a very simple LDAP auth :
DirContext ctx = null;
try
{
logger.debug("Trying to log with LDAP");
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(javax.naming.Context.INITIAL_CONTEXT_FACTORY, ninjaProperties.get("ldapFactory"));
env.put(javax.naming.Context.PROVIDER_URL, ninjaProperties.get("ldapProvider"));
env.put(javax.naming.Context.SECURITY_AUTHENTICATION, ninjaProperties.get("ldapAuthentication"));
env.put(javax.naming.Context.SECURITY_PRINCIPAL, ninjaProperties.get("ldapDomain") + context.getParameter("login"));
env.put(javax.naming.Context.SECURITY_CREDENTIALS, context.getParameter("password"));
ctx = new InitialDirContext(env);
if(ctx != null){
logger.info( "User [" + context.getParameter("login") + "] logged in successfully." );
ctx.close();
return Results.redirect("/TermeController/consult");
}
}
catch (Exception e)
{
logger.error("LDAP Login failed : " + e.toString());
}
For now, users logg in with a form. I would like to set up an SSO auth, but i can't find a way to set it up easily.
Do i need to use something like CAS or so? Or is there a simple way?
Thx :)

SSO is quite a broad topic, I am not sure what exactly you are trying to achieve here. However if you want SSO for windows users i.e. allowing Windows users that are already authenticated against a domain controller to access your app with the same credentials you could look into WAFFLE which does exactly that.

JNDI .Net implemantation

I've a java code which uses JNDI to acess a Directory and get user/password to login inside a samba.
What I need is a way to covnert it to .Net code. However I read this MSDN article and couldn't understand. I've tried to use DirectorySearcher class in many different ways.
There's a small piece of java code:
try {
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(Context.INITIAL_CONTEXT_FACTORY, JNDI_FACTORY);
env.put(Context.PROVIDER_URL, jndiServerURL);
ic = new InitialContext(env);
fileSystemProxy = (T3FileSystemProxy) ic.lookup("Credential");
}
catch (Exception e) {
e.printStackTrace();
}
Does somebody know how to implement it?

Unfortunately I couldn't implement JNDI because it's an interface for Java. I've had to get the UNC path and to authenticate using network credential.
using (new UNCPathAccess(Path.GetDirectoryName(pathPdf), username, string.Empty, password))
{
Email.Send(subject, body, email, attachments);
}

Cannot connect with Active Directory to reset password

I am totally new to this field and not much experienced in java too. I was assigned this task and I could connect in simple mode as admin and retrieve info, but couldnot reset password. I found in many sites that I have to use ssl for that, but couldnt successfully do that as I get a
"simple bind failed"
error I post my code below of what I did and also the codes I commented out(which I tried earlier). Please please please help. I couldnt solve the problem from any source I received. I used a certificate copied from server into my keystore. Is this the right way to use that?? If i remove the ssl part
env.put(Context.SECURITY_PROTOCOL,"ssl");
I get a handshake exception
Problem with TLS: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: signature check failed
public class ActiveDirectory {
private DirContext ctx;
public boolean connect(String username,String password){
Hashtable<String, String> env = new Hashtable<String, String>();
// Properties env=new Properties();
env.put(Context.SECURITY_PROTOCOL,"ssl");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "simple");
env.put(Context.PROVIDER_URL, "ldap://192.168.1.199:389");
env.put(Context.REFERRAL, "follow");
// The value of Context.SECURITY_PRINCIPAL must be the logon username
// with the domain name
env.put(Context.SECURITY_PRINCIPAL, username+"#xxxx.net");
// The value of the Context.SECURITY_CREDENTIALS should be the user's
// password
env.put(Context.SECURITY_CREDENTIALS, password);
try {
// Authenticate the logon user
ctx = new InitialLdapContext(env,null);
return true;
}catch(NamingException e){
System.out.println("Error in connecting : " + e.getMessage());
return false;
}
}
public boolean changePasswordAdmin(String userName,String newPassword){
try {
//set password is a ldap modfy operation
//Secure the session with TLS
StartTlsResponse tls = (StartTlsResponse)((LdapContext) ctx).extendedOperation(new StartTlsRequest());
tls.negotiate();
//set password is a ldap modfy operation
ModificationItem[] mods = new ModificationItem[1];
//Replace the "unicdodePwd" attribute with a new value
//Password must be both Unicode and a quoted string
String newQuotedPassword = "\"" + newPassword + "\"";
byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
// Perform the update
ctx.modifyAttributes(userName, mods);
System.out.println("Reset Password for: " + userName);
tls.close();
ctx.close();
return true;
}
catch (NamingException e) {
System.out.println("Problem resetting password: " + e);
}
catch (UnsupportedEncodingException e) {
System.out.println("Problem encoding password: " + e);
}
catch (IOException e) {
System.out.println("Problem with TLS: " + e);
}
return false;
}
public static void main(String args[]) throws NamingException {
Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
// the keystore that holds trusted root certificates
System.setProperty("javax.net.ssl.trustStore", "C:\\keystore.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "****");
System.setProperty("javax.net.ssl.keyStore", "C:\\keystore.jks");
System.setProperty("javax.net.ssl.keyStorePassword", "****");
ActiveDirectory d= new ActiveDirectory();
d.connect("Administrator", "Group&Team2");
System.out.println(d.fetchData("MG"));
System.out.println(d.changePasswordAdmin("CN=Manager MG. Manager,OU=Manager,DC=xxxxx,DC=net", "Abcd#10"));
}
}

Your active directory doesn't have a valid certificate.
This is probably the case because the root certificate wasn't imported in Java.
Here is a small tutorial how to import certificates into java.