[
https://issues.apache.org/jira/browse/DIRSTUDIO-1015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14338418#comment-14338418
]
Emmanuel Lecharny commented on DIRSTUDIO-1015:
----------------------------------------------
You can close the TLS connection without closing the underlying connection, and
send some more (uncrypted) requests. You can also brutally close the whole
connection, which will close the TLS connection :
https://www.ietf.org/rfc/rfc2830.txt
" 4.2. Abrupt Closure
Either the client or server MAY abruptly close the entire LDAP
association and any TLS connection established on it by dropping the
underlying TCP connection. A server MAY beforehand send the client a
Notice of Disconnection [LDAPv3] in this case."
One more thing : the default for Studio is not to use JNDI. We default to the
LDAP API.
> Question about the closing of TLS connection in Apache Directory Studio
> -----------------------------------------------------------------------
>
> Key: DIRSTUDIO-1015
> URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1015
> Project: Directory Studio
> Issue Type: Question
> Reporter: alexander todorov
>
> Hi,
> I am looking in the sources of Apache Directory Studio and I have a question.
> In the class
> org.apache.directory.studio.connection.core.io.jndi.JNDIConnectionWrapper
> I see that in the method disconnect, the connection is closed only by
> invoking of context.close() (context is of type InitialLdapContext).
> My question is:
> In case of using of StartTLS extension why don’t you call
> StartTlsResponse.close() prior to context.close() ?
> StartTlsResponse.close() sends the TLS alert - close_notify.
> Is it safe not to call StartTlsResponse.close() ?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
