Unable to browse Context Names during LDAPS configuration on TIBCO Spotfire Server

Unable to browse Context Names during LDAPS configuration on TIBCO Spotfire Server

book

Article ID: KB0075999

calendar_today

Updated On:

Products Versions
Spotfire Server 7.5 and higher

Description

While configuring the TIBCO Spotfire with an LDAPS configuration, the LDAP server context names might not show up and the LDAP browser tab:

User-added image


In such a case, the following error will be observed in tools.log located under "<Installation Directory>\tibco\tss\<version>\tomcat\logs":

WARN 2020-01-06T14:38:21,740-0500 server.ldap.LdapSearcher: Error performing an LDAP search javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: xxxx-xxxxxxxx, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580 ]     at com.xxx.xxxx.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3194) ~[?:1.8.0_231]     at com.xxx.xxxx.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) ~[?:1.8.0_231]     at com.xxx.xxxx.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891) ~[?:1.8.0_231]     at com.xxx.xxxx.ldap.LdapCtx.searchAux(LdapCtx.java:1846) ~[?:1.8.0_231]     at com.xxx.xxxx.ldap.LdapCtx.c_search(LdapCtx.java:1769) ~[?:1.8.0_231]     at com.xxx.xxxx.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392) ~[?:1.8.0_231]     at com.xxx.xxxx.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358) ~[?:1.8.0_231]     at com.xxx.xxxx.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341) ~[?:1.8.0_231]     at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) ~[?:1.8.0_231]     at com.spotfire.server.ldap.LdapSearcher.lookupUsingPagedResultsControl(LdapSearcher.java:89) [spotfire-server.jar:?]     at com.spotfire.server.ldap.LdapConfigurator.getChildContextDNs(LdapConfigurator.java:418) [spotfire-server.jar:?]     at com.spotfire.server.ldap.LdapConfigurator.getContextName(LdapConfigurator.java:372) [spotfire-server.jar:?]     at com.spotfire.server.ldap.LdapConfigurator.getContextNames(LdapConfigurator.java:331) [spotfire-server.jar:?]     at com.spotfire.server.tools.confui.LdapTreeBrowserDialog.ldapFillTree(LdapBrowserComponent.java:492) [spotfire-tss-tools.jar:?]     at com.spotfire.server.tools.confui.LdapTreeBrowserDialog.access$900(LdapBrowserComponent.java:118) [spotfire-tss-tools.jar:?]     at com.spotfire.server.tools.confui.LdapTreeBrowserDialog$SearchLdapWorker.doInBackground(LdapBrowserComponent.java:361) [spotfire-tss-tools.jar:?]     at com.spotfire.server.tools.confui.LdapTreeBrowserDialog$SearchLdapWorker.doInBackground(LdapBrowserComponent.java:350) [spotfire-tss-tools.jar:?]     at javax.swing.SwingWorker$1.call(SwingWorker.java:295) [?:1.8.0_231]     at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_231]     at javax.swing.SwingWorker.run(SwingWorker.java:334) [?:1.8.0_231]     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_231]     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_231]     at java.lang.Thread.run(Thread.java:748) [?:1.8.0_231]

Resolution

This is caused by an issue with the certificate required for LDAPS connection, or its configuration on the system.

To resolve, make sure that the correct CA signed certificate is placed under <installation dir>/jdk/jre/lib/security. If a self signed certificate is used, make sure the certificate is imported into the cacert as per the steps mentioned in LDAPS documentation.

Issue/Introduction

This article explains a reason for being unable to browse Context Names during LDAPS configuration on TIBCO Spotfire Server.

Additional Information

Doc: Configuring LDAPS
https://docs.tibco.com/pub/spotfire_server/10.3.6/doc/html/TIB_sfire_server_tsas_admin_help/GUID-C12BE657-5065-4728-AA85-83DFC4FFEE29.html