manifoldcf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Karl Wright (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CONNECTORS-1244) Support SSL in LDAP authority
Date Wed, 23 Sep 2015 20:02:04 GMT

    [ https://issues.apache.org/jira/browse/CONNECTORS-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14905144#comment-14905144
] 

Karl Wright commented on CONNECTORS-1244:
-----------------------------------------

For an SSL socket factory to be created out of nothing (that is, so it can be passed by name
as an LDAP parameter), we have to reconcile how such socket factories are usually created:

{code}
      // Create an SSL context
      javax.net.ssl.SSLContext sslContext = javax.net.ssl.SSLContext.getInstance("SSL");
      sslContext.init(((keyManagerFactory==null)?null:keyManagerFactory.getKeyManagers()),((trustManagerFactory==null)?null:trustManagerFactory.getTrustManagers()),
        secureRandom);

      return sslContext.getSocketFactory();
{code}

... with how we need the ldap code to be able to create them:

{code}
return (SSLSocketFactory)newInstance("myclassname");
{code}

This means we will need to create a class in core that we can reference by name that extends
SSLSocketFactory, which wraps another SSLSocketFactory it must create from an SSLContext.
 This all has to happen either in the class's constructor, or upon its first use.



> Support SSL in LDAP authority
> -----------------------------
>
>                 Key: CONNECTORS-1244
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1244
>             Project: ManifoldCF
>          Issue Type: Improvement
>          Components: LDAP authority
>    Affects Versions: ManifoldCF 2.3
>            Reporter: Karl Wright
>            Assignee: Karl Wright
>             Fix For: ManifoldCF 2.3
>
>
> The LDAP authority doesn't work with LDAP instances that require SSL.  See this link
for what needs to be done to support SSL fully:
> http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message