Skip to content

CommunicationException with LDAPS when using native image  #723

Closed
@Abhi-Codes

Description

@Abhi-Codes

Describe the issue.

I am getting the below issue when using a native image. With JVM based uber jar , no issues.
Spring Boot 3.0.1
openjdk version "17.0.5" 2022-10-18
OpenJDK Runtime Environment GraalVM CE 22.3.0 (build 17.0.5+8-jvmci-22.3-b08)
OpenJDK 64-Bit Server VM GraalVM CE 22.3.0 (build 17.0.5+8-jvmci-22.3-b08, mixed mode, sharing)

Application properties

spring.ldap.urls=ldaps://xxx-ad-vip.xxx.com:636
spring.ldap.username=svc.xxx
spring.ldap.password=xxx

Build native executable

./mvnw -Pnative native:compile

Running native executable like below :

./target/ldap-service --spring.profiles.active=local --javax.net.ssl.trustStore=/Users/abhi/Downloads/truststore.jks --javax.net.ssl.trustStorePassword=changeit

StackTrace :

org.springframework.ldap.CommunicationException: xxx-ad-vip.xxx.com:636
	at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:108) ~[na:na]
	at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:363) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:147) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:166) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:367) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:319) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:626) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:596) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:1661) ~[ldap-service:3.0.0]
	at com.vmware.ldapservice.serviceImpl.LDAPServiceImpl.getADAttributes(LDAPServiceImpl.java:82) ~[ldap-service:na]
	at java.base@17.0.5/java.lang.reflect.Method.invoke(Method.java:568) ~[ldap-service:na]
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:343) ~[na:na]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:196) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:752) ~[na:na]
	at org.springframework.cache.interceptor.CacheInterceptor.lambda$invoke$0(CacheInterceptor.java:54) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheAspectSupport.invokeOperation(CacheAspectSupport.java:366) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:421) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:345) ~[ldap-service:6.0.3]
	at org.springframework.cache.interceptor.CacheInterceptor.invoke(CacheInterceptor.java:64) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:184) ~[ldap-service:6.0.3]
	at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:752) ~[na:na]
	at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:703) ~[na:na]
	at com.xxx.ldapservice.serviceImpl.LDAPServiceImpl$$SpringCGLIB$$0.getADAttributes(<generated>) ~[ldap-service:na]
	at com.xxx.ldapservice.controller.LdapController.lambda$0(LdapController.java:34) ~[ldap-service:na]
	at java.base@17.0.5/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768) ~[na:na]
	at java.base@17.0.5/java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1760) ~[na:na]
	at java.base@17.0.5/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:373) ~[ldap-service:na]
	at java.base@17.0.5/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1182) ~[na:na]
	at java.base@17.0.5/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1655) ~[ldap-service:na]
	at java.base@17.0.5/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1622) ~[ldap-service:na]
	at java.base@17.0.5/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:165) ~[ldap-service:na]
	at org.graalvm.nativeimage.builder/com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine(PlatformThreads.java:775) ~[ldap-service:na]
	at org.graalvm.nativeimage.builder/com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine(PosixPlatformThreads.java:203) ~[na:na]
Caused by: javax.naming.CommunicationException: xxx-ad-vip.xxx.com:636
	at java.naming@17.0.5/com.sun.jndi.ldap.Connection.<init>(Connection.java:253) ~[na:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137) ~[na:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1616) ~[na:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2848) ~[na:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348) ~[na:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225) ~[ldap-service:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189) ~[ldap-service:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243) ~[ldap-service:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154) ~[ldap-service:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84) ~[ldap-service:na]
	at java.naming@17.0.5/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:732) ~[ldap-service:na]
	at java.naming@17.0.5/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305) ~[ldap-service:na]
	at java.naming@17.0.5/javax.naming.InitialContext.init(InitialContext.java:236) ~[ldap-service:na]
	at java.naming@17.0.5/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:na]
	at org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:42) ~[ldap-service:3.0.0]
	at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:351) ~[ldap-service:3.0.0]
	... 32 common frames omitted
Caused by: java.lang.NoSuchMethodException: javax.net.ssl.SSLSocketFactory.getDefault()
	at java.base@17.0.5/java.lang.Class.getMethod(DynamicHub.java:2227) ~[ldap-service:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.Connection.createSocket(Connection.java:293) ~[na:na]
	at java.naming@17.0.5/com.sun.jndi.ldap.Connection.<init>(Connection.java:232) ~[na:na]
	... 47 common frames omitted

Activity

changed the title [-]CommunicationException when using native image[/-] [+]CommunicationException with LDAPS when using native image [/+] on Jan 26, 2023
Abhi-Codes

Abhi-Codes commented on Jan 30, 2023

@Abhi-Codes
Author

@jzheaux Perhaps someone can have a look at this issue. Not able to migrate to Spring Boot 3 native image because of it.

self-assigned this
on Feb 6, 2023
added this to the 3.0.1 milestone on Feb 6, 2023
jzheaux

jzheaux commented on Feb 6, 2023

@jzheaux
Collaborator

Thanks, @Abhi-Codes, I've scheduled this for the next maintenance release.

Abhi-Codes

Abhi-Codes commented on Feb 7, 2023

@Abhi-Codes
Author

Great , thanks @jzheaux

Abhi-Codes

Abhi-Codes commented on Feb 7, 2023

@Abhi-Codes
Author

Meanwhile, folks who are facing the issue can add a RuntimeHint for missing javax.net.ssl.SSLSocketFactory.getDefault().

static class MyHint implements RuntimeHintsRegistrar {
    @Override
	public void registerHints(RuntimeHints hints, ClassLoader classLoader) {
        hints.reflection().registerType(TypeReference.of("javax.net.ssl.SSLSocketFactory"), builder -> builder.withMembers(MemberCategory.INVOKE_PUBLIC_METHODS));
    }
}

and @ImportRuntimeHints(MyHint.class) to your Spring Boot application (main class).

added a commit that references this issue on Feb 15, 2023
d5e1a15
added a commit that references this issue on Feb 6, 2024
a1a2eab
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Type

No type

Projects

No projects

Relationships

None yet

    Development

    No branches or pull requests

      Participants

      @jzheaux@Abhi-Codes

      Issue actions

        CommunicationException with LDAPS when using native image · Issue #723 · spring-projects/spring-ldap