You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/06/27 12:01:00 UTC
[jira] [Commented] (QPID-8208) [Broker-J] Improve handling of
unexpected exceptions on establishing LDAP connections in
SimpleLDAPAuthenticationProvider
[ https://issues.apache.org/jira/browse/QPID-8208?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16524960#comment-16524960 ]
ASF GitHub Bot commented on QPID-8208:
--------------------------------------
GitHub user overmeulen opened a pull request:
https://github.com/apache/qpid-broker-j/pull/9
[QPID-8208] Fix Sybase support for the link-store
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/overmeulen/qpid-broker-j bugfix/QPID-8208
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/qpid-broker-j/pull/9.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #9
----
commit 664c066f00c1c4bb4d381629441d999453735fca
Author: overmeulen <ov...@...>
Date: 2018-06-27T11:57:19Z
[QPID-8208] Fix Sybase support for the link-store
----
> [Broker-J] Improve handling of unexpected exceptions on establishing LDAP connections in SimpleLDAPAuthenticationProvider
> --------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-8208
> URL: https://issues.apache.org/jira/browse/QPID-8208
> Project: Qpid
> Issue Type: Improvement
> Components: Broker-J
> Affects Versions: qpid-java-6.1.6, qpid-java-broker-7.0.3, qpid-java-broker-7.0.2, 0.32, qpid-java-6.0, qpid-java-6.0.1, qpid-java-6.0.2, qpid-java-6.0.3, qpid-java-6.0.4, qpid-java-6.0.5, qpid-java-6.1, qpid-java-6.0.6, qpid-java-6.1.1, qpid-java-6.1.2, qpid-java-6.0.7, qpid-java-6.1.3, qpid-java-6.0.8, qpid-java-6.1.4, qpid-java-broker-7.0.0, qpid-java-6.1.5, qpid-java-broker-7.0.1, qpid-java-broker-7.0.4
> Reporter: Alex Rudyy
> Priority: Critical
>
> There is a weakness in Qpid exception handling when communication with external services like LDAP. The Broker should take a more defensive approach and handle unexpected exceptions thrown by underlying third-party API in addition to exceptions declared in API interfaces. The unexpected exceptions thrown by underlying API should not affect the stability of the Broker.
> It was reported that on establishment of connection with LDAP using default context factory {{com.sun.jndi.ldap.LdapCtxFactory}} the creation of {{InitialDirContext}} can end-up in unexpected exception thrown from {{com.sun.jndi.ldap.LdapClient}}. It looks like a defect in {{com.sun.jndi.ldap.LdapClient}}, but I could not find any existing open bug report raised against JVM with similar behaviour. I think that Broker should catch unexpected exception, log it and report authentication failure back to the client.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org