Hi,

We are using eDirectory as our directory server and use sso for
authentication with eDirectory and we use ecbldap.jar novell based jndi and
jar files to authenticate against ldap, manager.class and loginmanager.class
and others.

Everything was working fine with tomcat 4 and jdk 1.4. When we try to
upgrade to tomcat 5.5.20 and jsk 1.5. We get strange error where when sso
tries to authenticate against ldap with port 636. We get jass policy not
configured for sso. Initial connection is made by

cess: access allowed (java.lang.RuntimePermission getProtectionDomain)
access: access allowed (java.lang.RuntimePermission getProtectionDomain)
access: access allowed (java.lang.RuntimePermission getProtectionDomain)
access: access allowed (java.util.PropertyPermission
com.sun.net.ssl.requireCloseNotify read)
access: access allowed (java.net.SocketPermission 172.17.90.238:636
connect,resolve)
access: access allowed (java.net.SocketPermission 172.17.90.238:636
connect,resolve)
access: access allowed (java.net.NetPermission getProxySelector)
access: access allowed (java.net.SocketPermission ldaphost resolve)


But when we authenticate at he runtime on the jsp page. we get

app Policy Classes get ID sso
No JAAS Policy class for webapp 'sso' has been registered
access: access denied (java.security.SecurityPermission
insertProvider.SunJSSE)
java.lang.Exception: Stack trace

com.novell.ecb.CommandException: access denied
(java.security.SecurityPermission insertProvider.SunJSSE)
at
com.novell.ecb.security.RetrieveHostCertificates.r etrieveHostCertificates(RetrieveHostCertificates.j ava:126)
at
com.novell.ecb.security.RetrieveHostCertificates.e xecute(RetrieveHostCertificates.java:85)
at
com.scb.sso.service.LdapManager.setupSSLCert(LdapM anager.java:135)
at com.scb.sso.service.LdapManager.init(LdapManager.j ava:66)
at com.scb.sso.service.LdapManager.<init>(LdapManager .java:61)
at com.scb.sso.service.LdapManager.getInstance(LdapMa nager.java:52)
at
com.scb.sso.service.LoginManager.isScbPerson(Login Manager.java:110)

at
org.apache.jk.common.ChannelSocket.processConnecti on(ChannelSocket.java:697)
at
org.apache.jk.common.ChannelSocket$SocketConnectio n.runIt(ChannelSocket.java:889)
at
org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
[error] Time:2007-07-30 12:25 Class:LdapManager User: Message:access denied
(java.security.SecurityPermission insertProvider.SunJSSE)


Could it be a problem with ecbldap.jar. When the connection is made while
starting the, application is able to establish a connection but only during
the runtime that is when we authenticate we get this issue.


Please help

Regards

Venk