For LDAP authentication: derby.authentication.server should support ldaps:// as
part of the server url.
-------------------------------------------------------------------------------------------------------
Key: DERBY-1000
URL: http://issues.apache.org/jira/browse/DERBY-1000
Project: Derby
Type: Bug
Components: Newcomer, Security
Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.1.1, 10.1.1.2, 10.1.2.0,
10.1.2.1, 10.1.2.2, 10.2.0.0
Environment: all
Reporter: Sunitha Kambhampati
Priority: Trivial
ij> connect 'jdbc:derby:testdb;user=a;password=p';
ERROR 08004: Connection refused : javax.naming.InvalidNameException: Invalid
name: /server.xyz.com:636
Code - LDAPAuthenticationSchemeImpl#setJNDIProviderProperties.
Problem is the code expects that if Context.PROVIDER_URL is not and if
derby.authentication.server is set, then the ldapServer is either of the format
//server:port or it already starts with ldap:// else it just adds ldap:// .
Thus for a ldaps://xyz.com:636 url , it will become ldap://ldaps://xyz.com:636
in the code snippet, dflLDAPURL is ldap://
if (ldapServer.startsWith(dfltLDAPURL))
this.providerURL = ldapServer;
else if (ldapServer.startsWith("//"))
this.providerURL = "ldap:" + ldapServer;
else
this.providerURL = dfltLDAPURL +
ldapServer;
}
initDirContextEnv.put(Context.PROVIDER_URL,
providerURL);
We should support specifiying secure ldap , ie ldaps:// in the
derby.authentication.server. Add condition to support the ldaps://
ie.
if (ldapServer.startsWith(dfltLDAPURL) ||
ldapServer.startsWith("ldaps://"))
this.providerURL = ldapServer;
========
A workaround to the problem is to set the Context.PROVIDER_URL instead.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
