You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@logging.apache.org by GitBox <gi...@apache.org> on 2021/12/10 19:09:15 UTC

[GitHub] [logging-log4j2] albertinix commented on pull request #608: Restrict LDAP access via JNDI

albertinix commented on pull request #608:
URL: https://github.com/apache/logging-log4j2/pull/608#issuecomment-991225381


   Does anyone know if removing the `JndiLookup` class is enough?
   
   On the [Apache Log4j2 page](https://logging.apache.org/log4j/2.x/) it's stated to:
   
   >Remove the JndiLookup **and JndiManager** classes from the log4j-core jar.
   
   (emphasis mine)
   
   However, the only place where I've seen that being stated is on that page.
   
   So - is it required to remove the `JndiManager` class as well?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@logging.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org