David B Hinz wrote: > > Nelson, > > In the Solaris 10 patch that Sun released on Tuesday, Sept 23, 2008, the > JAVA LDAP JDK has been updated. > (http://sunsolve.sun.com/search/document.do?assetkey=1-34-10-1) > > Patch 119725-04 updated Java LDAP to 4.18 > Patch 119725-05 updated Java LDAP to 4.20 > Patch 119725-06 updated Java LDAP to 4.21 (in the release from Tuesday)
Who is the ldapjdk maintainer within Sun? Would they be interested in being the Mozilla LDAP JDK maintainer? Nelson or Anton, could you guys find out? > > It also includes a patch, 116837-03, to the LDAP C SDK library to > version 5.18. > > The patch, 119213-17, includes NSS 3.11.9, NSPR 4.7, and JSS 4.2.6. > > david. > > > [EMAIL PROTECTED] wrote: > ----- > > >To: [email protected] > >From: Nelson Bolyard <[EMAIL PROTECTED]> > >Sent by: [EMAIL PROTECTED] > >Date: 09/25/2008 12:38PM > >Subject: Re: Where is the recent Java LDAP-SSL code? > > > >Rich Megginson wrote, On 2008-09-24 19:00: > >> Nelson Bolyard wrote: > >>> The Java LDAP SSL code in java-sdk/ldapjdk/netscape/ldap on the > >trunk > >>> is very old, dating back to 2002, and bearing the tag > >LDAPJavaSDK_418. > >>> > >>> > >http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/directory/java-sd > >k/ldapjdk/netscape/ldap/factory/JSSSocketFactory.java&rev=1.3&mark=14 > >6#129 > >>> > >>> > >http://bonsai.mozilla.org/cvsgraph.cgi?file=mozilla/directory/java-sd > >k/ldapjdk/netscape/ldap/factory/JSSSocketFactory.java > >>> > >>> Is that the latest version? > >> Yes. > > > >> That's the latest that I know of. I'm not aware of anything later. > > I > >> think there might be a couple of patches in bugzilla that might > >have > >> made it to HEAD. > >> > >>> Or are some vendors shipping private newer versions of it? > >> > >> Not that I know of. I think jpackage.org has 4.17 or 4.18, which > >are > >> the versions included with various versions of Red Hat Enterprise > >Linux, > >> Fedora, and some other linux distros. That's also the version we > >> include with the Red Hat (ex-Netscape) server products. > > > >Thanks, Rich, > > > >The question to which I am ultimately trying to get is: > >Does this Java LDAP SDK support SSL client authentication with > >client > >certificates? > >And my conclusion at this time is: no, it does not. > > > >I base that on these observations. > >1. There are exactly two ways to do SSL client authentication with > >certificates using JSS. They are: > > > >a) Supplying a certApprovalCallback as an argument to the SSLSocket > >constructor, which this SDK does not do, as seen at > >http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/directory/java-sd > >k/ldapjdk/netscape/ldap/factory/JSSSocketFactory.java&rev=1.3&mark=14 > >6#129 > > > >b) Calling either of the following two methods on the SSLSocket > >object > >before doing the handshake: > >setClientCertNickname > >setClientCert > >Based on the content of this page: > >http://mxr.mozilla.org/mozilla/search?string=setClientCert&find=ldapj > >dk > >I conclude that the ldapjdk does not do that, either. > > > >So, based on the above observations, I conclude that this Java LDAP > >SDK > >has no support for SSL client authentication with certificates. > > > >Rich, Do you concur with that conclusion? > >_______________________________________________ > >dev-tech-ldap mailing list > >[email protected] > >https://lists.mozilla.org/listinfo/dev-tech-ldap _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
