How to configure GlassFish to use TLS for LDAP authentication

I would like to configure GlassFish to use OpenLDAP for authentication.

I have verified that File Realm works.

Next I tried to set up LDAP realm.

GlassFish tries to contact the OpenLDAP server but gets the known refusal message sent when an LDAP client tries to connect without TLS.

Here is the line in the GlassFish server log:

javax.naming.AuthenticationNotSupportedException: [LDAP: error code 13 - confidentiality required]; remaining name 'ou=people,dc=example,dc=com'

The message 'confidentiality required' is definitely the message from OpenLDAP. If I attempt to connect to this server using another LDAP client such as 'ldapsearch' without encryption, I get this error.

My question is: what properties should I supply to GlassFish so that it uses TLS to connect to OpenLDAP?

Based on this page, I tried the following three, but they did not work:

tlssecurity 'YES'
protocol 'TLS'
ssltype 'TLS On Demand'

Can someone point me to the URL for the 'official' documentation for this setting?


Mr. Wu