db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kathey Marsden (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-857) LDAP user authentication fails under a security manager
Date Tue, 16 Oct 2007 15:19:50 GMT

    [ https://issues.apache.org/jira/browse/DERBY-857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12535265

Kathey Marsden commented on DERBY-857:

Bryan said:

>I'm not sure how proposal (1) differs from proposal (3). Is there more
>to the LDAP tracing than just setting this value? Is it correct to say that
>(1) is the first step toward (3), but there may be more subsequent security
>problems to be resolved? 

1 is the first step toward 3 I suppose, but the problem is that the tracing does not seem
to be working. Just an empty file gets created. I don't think it is security problems but
something else,  I think I will do 1 and then open up another task to investigate LDAP tracing
with derby.debug.true=AuthenticationTrace set. Does that sound ok?

> LDAP user authentication fails under a security manager
> -------------------------------------------------------
>                 Key: DERBY-857
>                 URL: https://issues.apache.org/jira/browse/DERBY-857
>             Project: Derby
>          Issue Type: Bug
>          Components: Security
>    Affects Versions:,,,,
>            Reporter: Daniel John Debrunner
>            Assignee: Kathey Marsden
> Running the test jdbcapi/secureUsers1.sql with a security manager results in:
> > ERROR 08004: Connection refused : javax.naming.CommunicationException: noSuchMachine:389
[Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission
noSuchMachine resolve)]
> Adding this permission to the policy file has no effect. which means a priv block is
required around the LDAP call.
> permission java.net.SocketPermission "noSuchMachine", "resolve";

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message