db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bryan Pendleton (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-857) LDAP user authentication fails under a security manager
Date Tue, 16 Oct 2007 14:28:51 GMT

    [ https://issues.apache.org/jira/browse/DERBY-857?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12535254
] 

Bryan Pendleton commented on DERBY-857:
---------------------------------------

I'm not sure how proposal (1) differs from proposal (3). Is there more
to the LDAP tracing than just setting this value? Is it correct to say that
(1) is the first step toward (3), but there may be more subsequent security
problems to be resolved?


> LDAP user authentication fails under a security manager
> -------------------------------------------------------
>
>                 Key: DERBY-857
>                 URL: https://issues.apache.org/jira/browse/DERBY-857
>             Project: Derby
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.2.1.6
>            Reporter: Daniel John Debrunner
>            Assignee: Kathey Marsden
>
> Running the test jdbcapi/secureUsers1.sql with a security manager results in:
> > ERROR 08004: Connection refused : javax.naming.CommunicationException: noSuchMachine:389
[Root exception is java.security.AccessControlException: access denied (java.net.SocketPermission
noSuchMachine resolve)]
> Adding this permission to the policy file has no effect. which means a priv block is
required around the LDAP call.
> permission java.net.SocketPermission "noSuchMachine", "resolve";

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message