manifoldcf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Wright (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CONNECTORS-1244) Support SSL in LDAP authority
Date Wed, 23 Sep 2015 11:06:04 GMT

    [ https://issues.apache.org/jira/browse/CONNECTORS-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14904343#comment-14904343
] 

Karl Wright commented on CONNECTORS-1244:
-----------------------------------------

There's an unfortunate wrinkle here.

According to the documentation, the class that is used as a socket factory must be specified
*by name*:

{code}
// Specify the socket factory
env.put("java.naming.ldap.factory.socket", "CustomSocketFactory");
{code}

This means that it must be found by reflection from the LDAP library itself.  That may well
be a problem given the classloader structure of MCF.  It basically seems to require that the
custom socket factory be findable from the lowest level of class hierarchy, and also that
the custom socket factory be instantiable with the default constructor.  Both of these basically
mean we can't do anything particularly useful with this feature, other than just turn off
cert checking on our end (probably OK for this app).

More research needed to see if this is in fact correct...

> Support SSL in LDAP authority
> -----------------------------
>
>                 Key: CONNECTORS-1244
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1244
>             Project: ManifoldCF
>          Issue Type: Improvement
>          Components: LDAP authority
>    Affects Versions: ManifoldCF 2.3
>            Reporter: Karl Wright
>            Assignee: Karl Wright
>             Fix For: ManifoldCF 2.3
>
>
> The LDAP authority doesn't work with LDAP instances that require SSL.  See this link
for what needs to be done to support SSL fully:
> http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message