症状
升级jdk5到jdk6后在OracleAS上使用OIM setup和Microsoft User Management connector无法对ADservers产生SSL连接 并且日志文件出现上面的异常
起因
随着JDK1.6 on IBM AIX systems 发布v1.6.java.security文件中缺少对OIM和AD之间产生SSL连接所需要的参数。
解决
你需要修改该文件java.security
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.ibm.jsse.IBMJSSEProvider
security.provider.4=com.sun.crypto.provider.SunJCE
#--from JDK 1.6
security.provider.5=com.ibm.jsse2.IBMJSSEProvider2
security.provider.6=com.ibm.crypto.provider.IBMJCE
security.provider.7=com.ibm.security.jgss.IBMJGSSProvider
security.provider.8=com.ibm.security.cert.IBMCertPath
security.provider.9=com.ibm.security.sasl.IBMSASL
security.provider.10=com.ibm.xml.crypto.IBMXMLCryptoProvider
security.provider.11=com.ibm.xml.enc.IBMXMLEncProvider
security.provider.12=org.apache.harmony.security.provider.PolicyProvider
security.provider.13=com.ibm.security.jgss.mech.spnego.IBMSPNEGO
#
# Class to instantiate as the javax.security.auth.login.Configuration
# provider.
#
login.configuration.provider=com.ibm.security.auth.login.ConfigFile
#
# Class to instantiate as the system Policy. This is the name of the class
# that will be used as the Policy object.
#
policy.provider=sun.security.provider.PolicyFile
#
# Class to instantiate as the system scope:
#
system.scope=sun.security.provider.IdentityDatabase
# List of comma-separated packages that start with or equal this string
# will cause a security exception to be thrown when
# passed to checkPackageAccess unless the
# corresponding RuntimePermission ("accessClassInPackage."+package) has
# been granted.
package.access=sun.
除此之外这些更改你同样需要根据你自己特定的配置来决定
注:上面的更改并没有在所有的环境中都检测过,我们同样无法保证会解决你的问题,必须在测试环境中检测之后再部署
当前位置:
论坛首页 »
自由讨论区 »
Hadoop,ERP及大数据讨论区
»
发起投票
技术讨论
加好友
发消息
2012-3-1 13:36:35 |
赞(
操作
