You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/06/27 12:01:00 UTC

[jira] [Commented] (QPID-8208) [Broker-J] Improve handling of unexpected exceptions on establishing LDAP connections in SimpleLDAPAuthenticationProvider

    [ https://issues.apache.org/jira/browse/QPID-8208?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16524960#comment-16524960 ] 

ASF GitHub Bot commented on QPID-8208:
--------------------------------------

GitHub user overmeulen opened a pull request:

    https://github.com/apache/qpid-broker-j/pull/9

    [QPID-8208] Fix Sybase support for the link-store

    

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/overmeulen/qpid-broker-j bugfix/QPID-8208

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/qpid-broker-j/pull/9.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #9
    
----
commit 664c066f00c1c4bb4d381629441d999453735fca
Author: overmeulen <ov...@...>
Date:   2018-06-27T11:57:19Z

    [QPID-8208] Fix Sybase support for the link-store

----


> [Broker-J] Improve handling of unexpected exceptions  on establishing LDAP connections in SimpleLDAPAuthenticationProvider
> --------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-8208
>                 URL: https://issues.apache.org/jira/browse/QPID-8208
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Broker-J
>    Affects Versions: qpid-java-6.1.6, qpid-java-broker-7.0.3, qpid-java-broker-7.0.2, 0.32, qpid-java-6.0, qpid-java-6.0.1, qpid-java-6.0.2, qpid-java-6.0.3, qpid-java-6.0.4, qpid-java-6.0.5, qpid-java-6.1, qpid-java-6.0.6, qpid-java-6.1.1, qpid-java-6.1.2, qpid-java-6.0.7, qpid-java-6.1.3, qpid-java-6.0.8, qpid-java-6.1.4, qpid-java-broker-7.0.0, qpid-java-6.1.5, qpid-java-broker-7.0.1, qpid-java-broker-7.0.4
>            Reporter: Alex Rudyy
>            Priority: Critical
>
> There is a weakness in Qpid exception handling when communication with external services like LDAP. The Broker should take a more defensive approach and handle unexpected exceptions thrown by underlying third-party API in addition to exceptions declared in API interfaces. The unexpected exceptions thrown by underlying API should not affect the stability of the Broker. 
> It was reported that on establishment of connection with LDAP using default context factory {{com.sun.jndi.ldap.LdapCtxFactory}} the creation of  {{InitialDirContext}} can end-up in unexpected exception thrown from {{com.sun.jndi.ldap.LdapClient}}. It looks like a defect in {{com.sun.jndi.ldap.LdapClient}}, but I could not find any existing open bug report raised against JVM with similar behaviour. I think that Broker should catch unexpected exception, log it and report authentication failure back to the client.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org