Ldap test connection error

0
When configuring ldap in one of my apps I'm getting the following error when I click "Test Connection":

`Cannot decrypt the text because it was either NOT encrypted with a key of length 16 or they key is different`

Can anyone tell me what this means or what it's referring to? I've checked the Encryption key and it is 16 characters long. I've used this module in several apps so far and not had this error.

Thanks, Tracy

11/28/2018 - I'm still getting this error. After startup microflow has been added and I tried changing the Encryption Key to one I used successfully in another app but still getting the above message about not being able to decrypt text when I click Test Connection.
asked
5 answers
4

I had a similar problem; in my case the error was thrown from the decrypt Java action. After a long search I found that I was using the wrong prefix (constant EncryptionPrefix).

In the past my application worked fine with the prefix {AES}, but after updating the Encryption module it appears the prefix should be {AES2}.

Maybe this is also the case in your implementation.

answered
2

Jasper's detailed explanation definitely should do the trick.

1. Set the encryption key constant in your modeler - should be any RANDOM 16 characters

2. Start up your Mendix App - with the after startup flow from the LDAP module, `Ldap.ASu_StartLdap`, added to your project settings.

3. Navigate to the LDAP config in your browser, and enter the username and password for the LDAP server - your sysadmin should give you these credentials

answered
1

The error message that you are referring to comes from the encryption module. You will get that error if the password has been encrypted with a different key than the one you are using to read it.

In other words, when you set up your LDAP configuration and entered the password, you had a different value in the 'EncryptionKey' constant.

To resolve this, keep the constant as it is right now. Go to the LDAP configuration and re-enter the password in the password field, then click the button 'Test Connection' again.

(The 'Test Connection' button commits the configuration and the Java reads all the necessary parameters, so you don't need to do anything else.)

answered
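The two causes named in the answers above (a key that differs from the one used when the password was encrypted, and a changed `EncryptionPrefix`) can be told apart with a small check. This is an added example, not code from the Mendix Encryption or LDAP module; the stored layout (prefix, Base64 IV, `;`, Base64 ciphertext), the use of AES-GCM, the class and method names, and all sample values are assumptions for illustration.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Base64;

public class KeyMismatchDemo {
    // Assumed layout (illustration only): PREFIX + base64(iv) + ";" + base64(ciphertext)
    static final String PREFIX = "{AES2}";

    static SecretKeySpec key(String k) {
        byte[] raw = k.getBytes(StandardCharsets.UTF_8);
        if (raw.length != 16) throw new IllegalArgumentException("key is " + raw.length + " bytes, need 16");
        return new SecretKeySpec(raw, "AES");
    }
    static String encrypt(String plain, String k) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv); // fresh IV for every stored value
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key(k), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain.getBytes(StandardCharsets.UTF_8));
        return PREFIX + Base64.getEncoder().encodeToString(iv) + ";" + Base64.getEncoder().encodeToString(ct);
    }

    // Reports why a stored value cannot be read; never returns or logs the plaintext or the key.
    static String diagnose(String stored, String k) throws Exception {
        if (!stored.startsWith(PREFIX)) return "prefix mismatch: value written under another scheme";
        String[] parts = stored.substring(PREFIX.length()).split(";");
        if (parts.length != 2) return "malformed stored value";
        SecretKeySpec sk;
        try { sk = key(k); } catch (IllegalArgumentException e) { return "bad key: " + e.getMessage(); }
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, sk, new GCMParameterSpec(128, Base64.getDecoder().decode(parts[0])));
        try {
            c.doFinal(Base64.getDecoder().decode(parts[1]));
            return "ok: key matches";
        } catch (AEADBadTagException e) { // GCM tag check fails under a different key
            return "key mismatch: re-enter the password under the current key";
        }
    }

    public static void main(String[] args) throws Exception {
        String good = "0123456789abcdef"; // constructed sample key, not a real secret
        String stored = encrypt("constructed-password", good);
        System.out.println(diagnose(stored, good));               // same key
        System.out.println(diagnose(stored, "fedcba9876543210")); // different 16-character key
        System.out.println(diagnose(stored, "too-short"));        // wrong key length
        System.out.println(diagnose("{AES}" + stored.substring(PREFIX.length()), good)); // old prefix
    }
}
```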
0

Since the decryption method is called from LDAPModule.java, the after start up microflow is needed to load the correct configuration and context for the action to work as expected.

answered
0

You could try adding a logging activity to your after startup microflow to verify that the encryption constant has the value you specified in the YAML file.

BUT BE SURE TO REMOVE IT AFTER TESTING - DO NOT FORGET!!!!!!

You could also try to do a live debug: https://docs.mendix.com/howto/monitoring-troubleshooting/debug-microflows-remotely

Add a debug event to the microflow BCo_LdapServerEncryptPassword and verify that the password is being encrypted with the encryption key you specified.

I'm not sure how live debugging is done on an on-premise Linux server, but it seems like the only way you can try and figure out what is going wrong and where.

Hope this helps.

answered