Novell LDAP C# - Novell.Directory.Ldap - Has anybody made it work?

Problem description

I'm trying to use the library released by Novell (Novell.Directory.Ldap). Version 2.1.10.

What I've done so far:

  • I tested the connection with an application (LdapBrowser) and it's working, so it's not a communication problem.

It's compiled in Mono, but I'm working with Visual Studio. So I created a project with the sources. I also included a reference to Mono.Security, because the project depended on it.

I commented out a call (freeWriteSemaphore(semId);) in the error catching part of the connection, because it was throwing more exceptions. I checked what that call did, and it's just an error tracing mechanism.

I followed the basic steps provided in the documentation by Novell (http://www.novell.com/coolsolutions/feature/11204.html).

    // Creating an LdapConnection instance
    LdapConnection ldapConn = new LdapConnection();
    ldapConn.SecureSocketLayer = ldapPort == 636;

    // Connect function will create a socket connection to the server
    ldapConn.Connect(ldapHost, ldapPort);

    // Bind function will bind the user object credentials to the server
    ldapConn.Bind(userDN, userPasswd);

Right now it's crashing at the Bind() function. I get the error 91.

So, has someone ever used this library and seen it work? If so, what did you do to make it work, is there some special configuration needed? Is there a way to make it work in .NET environment without Mono (I can have references to Mono dlls, but I don't want it to be installed on the server)?

(UPDATE) The connection is on port 636, thus using SSL. I checked the communication with Wireshark and compared it with what I get from LDAP Browser. I've seen that the step where the SSL certificate is communicated is not done by the LDAP library. So, what is the best way to make it do what it's supposed to?

(UPDATE) I checked the documentation and it's indicating that it doesn't support SSL. http://www.novell.com/coolsolutions/feature/11204.html

Authenticate to the LDAP server with LdapConnection.Bind(). We support only cleartext authentication. SSL/TLS support is yet to be added.

But the documentation dates from 2004, and since then, many updates have been made. And there is a parameter in the library to define if the connection uses SSL. So now I'm confused.

(UPDATE) Found more up-to-date documentation: http://developer.novell.com/documentation//ldapcsharp/index.html?page=/documentation//ldapcsharp/cnet/data/bqwa5p0.html. The way the SSL connection is made is by registering the certificate on the server. The problem is that what I'm doing is not bound to a specific Novell server, so the certificate must be obtained dynamically.

Recommended answer

I finally found a way to make this work.

First, these posts helped me get on the right track: http://directoryprogramming.net/forums/thread/788.aspx

Second, I got a compiled dll of the Novell LDAP Library and used the Mono.Security.Dll.

Solution:

I added this function to the code

// Namespaces needed by the handler (Mono.Security.dll and the Novell LDAP library)
using Syscert = System.Security.Cryptography.X509Certificates;
using Mono.Security.X509;
using Mono.Security.Cryptography;
using Mono.Security.Protocol.Tls;
using Novell.Directory.Ldap;

        // State shared by the handler and the bind code
        // (declarations assumed; the post does not show them)
        private bool bHowToProceed = true;
        private bool removeFlag = false;
        private int bindCount = 0;

        // This is the Callback handler - after "Binding" this is called
        public bool MySSLHandler(Syscert.X509Certificate certificate, int[] certificateErrors)
        {
            // Mono's machine-wide store of trusted root certificates
            X509Stores stores = X509StoreManager.LocalMachine;
            X509Store store = stores.TrustedRoot;

            //Import the details of the certificate from the server.

            X509Certificate x509 = null;
            X509CertificateCollection coll = new X509CertificateCollection();
            byte[] data = certificate.GetRawCertData();
            if (data != null)
                x509 = new X509Certificate(data);
            if (x509 == null)
            {
                // No certificate data from the server: nothing to display or import.
                Response.Write("SSL Bind Failed.");
                return false;
            }

            //List the details of the Server

            //if (bindCount == 1)
            //{

            Response.Write("<b><u>CERTIFICATE DETAILS:</u></b> <br>");
            Response.Write("  Self Signed = " + x509.IsSelfSigned + "  X.509  version=" + x509.Version + "<br>");
            Response.Write("  Serial Number: " + CryptoConvert.ToHex(x509.SerialNumber) + "<br>");
            Response.Write("  Issuer Name:   " + x509.IssuerName.ToString() + "<br>");
            Response.Write("  Subject Name:  " + x509.SubjectName.ToString() + "<br>");
            Response.Write("  Valid From:    " + x509.ValidFrom.ToString() + "<br>");
            Response.Write("  Valid Until:   " + x509.ValidUntil.ToString() + "<br>");
            Response.Write("  Unique Hash:   " + CryptoConvert.ToHex(x509.Hash).ToString() + "<br>");
            // }

            // Hard-coded: every certificate presented by the server is accepted,
            // whatever certificateErrors contains.
            bHowToProceed = true;
            if (bHowToProceed == true)
            {
                //Add the certificate to the store. This is \Documents and Settings\program data\.mono. . .
                coll.Add(x509);
                store.Import(x509);
                if (bindCount == 1)
                    removeFlag = true;
            }

            if (bHowToProceed == false)
            {
                //Remove the certificate added from the store.

                if (removeFlag == true && bindCount > 1)
                {
                    foreach (X509Certificate xt509 in store.Certificates)
                    {
                        if (CryptoConvert.ToHex(xt509.Hash) == CryptoConvert.ToHex(x509.Hash))
                        {
                            store.Remove(x509);
                        }
                    }
                }
                Response.Write("SSL Bind Failed.");
            }
            return bHowToProceed;
        }

And I used it in the binding process:

        // Create Connection
        LdapConnection conn = new LdapConnection();
        conn.SecureSocketLayer = true;
        Response.Write("Connecting to:" + ldapHost);

        // Register the handler so the library calls it with the server certificate
        conn.UserDefinedServerCertValidationDelegate += new
            CertificateValidationCallback(MySSLHandler);

        if (bHowToProceed == false)
            conn.Disconnect();
        if (bHowToProceed == true)
        {
            conn.Connect(ldapHost, ldapPort);
            conn.Bind(loginDN, password);
            Response.Write(" SSL Bind Successfull ");

            conn.Disconnect();
        }
        quit = false;

The key elements are using the SSL Handler to dynamically obtain the Certificate, and using X509StoreManager.LocalMachine so that when the website is running it's able to save and fetch the certificates.
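
MySSLHandler as posted returns true for every certificate and imports each one into the LocalMachine TrustedRoot store, so the server's identity is never checked. The following is an added example, not the answerer's or Novell's code: a callback with the same parameters that accepts a certificate only when no validation errors were reported or when its SHA-256 fingerprint is on a pin list, and that writes nothing to the store. PinnedLdapCertValidator, AddPin, Fingerprint and the pin list are hypothetical names; the example assumes that Syscert on the page aliases System.Security.Cryptography.X509Certificates and that an empty error array means the TLS layer validated the chain.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class PinnedLdapCertValidator
{
    // Assumption: SHA-256 fingerprints of the directory servers' certificates,
    // obtained out of band and loaded at startup.
    private static readonly HashSet<string> Pins = new HashSet<string>(StringComparer.OrdinalIgnoreCase);

    public static void AddPin(string sha256Hex) { Pins.Add(sha256Hex.Replace(":", "").Trim()); }

    public static string Fingerprint(byte[] rawCert)
    {
        using (SHA256 sha = SHA256.Create())
            return BitConverter.ToString(sha.ComputeHash(rawCert)).Replace("-", "");
    }

    // Same parameters as MySSLHandler on the page.
    public static bool Validate(X509Certificate certificate, int[] certificateErrors)
    {
        byte[] raw = certificate == null ? null : certificate.GetRawCertData();
        if (raw == null || raw.Length == 0) return false;
        var cert = new X509Certificate2(raw);
        DateTime now = DateTime.Now; // NotBefore/NotAfter are expressed in local time
        if (now < cert.NotBefore || now > cert.NotAfter) return false;

        // Assumption: an empty error array means the TLS layer validated the chain.
        if (certificateErrors == null || certificateErrors.Length == 0) return true;

        // Chain errors (private CA, self-signed): accept only a pinned certificate.
        return Pins.Contains(Fingerprint(raw));
    }

    public static void Main()
    {
        // Constructed sample: throwaway self-signed certificate, made-up error code.
        using (RSA rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=ldap.example.test", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            X509Certificate2 server = req.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30));
            int[] errors = { -1 };
            Console.WriteLine("before pinning: " + Validate(server, errors));
            AddPin(Fingerprint(server.RawData));
            Console.WriteLine("after pinning:  " + Validate(server, errors));
        }
    }
}
```

It can be registered the same way as the handler on the page: `conn.UserDefinedServerCertValidationDelegate += new CertificateValidationCallback(PinnedLdapCertValidator.Validate);`.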
