You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@manifoldcf.apache.org by "Karl Wright (JIRA)" <ji...@apache.org> on 2015/09/23 13:06:04 UTC
[jira] [Commented] (CONNECTORS-1244) Support SSL in LDAP authority
[ https://issues.apache.org/jira/browse/CONNECTORS-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14904343#comment-14904343 ]
Karl Wright commented on CONNECTORS-1244:
-----------------------------------------
There's an unfortunate wrinkle here.
According to the documentation, the class that is used as a socket factory must be specified *by name*:
{code}
// Specify the socket factory
env.put("java.naming.ldap.factory.socket", "CustomSocketFactory");
{code}
This means that it must be found by reflection from the LDAP library itself. That may well be a problem given the classloader structure of MCF. It basically seems to require that the custom socket factory be findable from the lowest level of class hierarchy, and also that the custom socket factory be instantiable with the default constructor. Both of these basically mean we can't do anything particularly useful with this feature, other than just turn off cert checking on our end (probably OK for this app).
More research needed to see if this is in fact correct...
> Support SSL in LDAP authority
> -----------------------------
>
> Key: CONNECTORS-1244
> URL: https://issues.apache.org/jira/browse/CONNECTORS-1244
> Project: ManifoldCF
> Issue Type: Improvement
> Components: LDAP authority
> Affects Versions: ManifoldCF 2.3
> Reporter: Karl Wright
> Assignee: Karl Wright
> Fix For: ManifoldCF 2.3
>
>
> The LDAP authority doesn't work with LDAP instances that require SSL. See this link for what needs to be done to support SSL fully:
> http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)