[
https://issues.apache.org/jira/browse/DIRAPI-301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16209129#comment-16209129
]
Jens-Uwe Hartmann commented on DIRAPI-301:
------------------------------------------
I mentioned this issue, while developing an Android application. Developing the
access to an OpenLDAP-Server first in native Java. There the unsecured
connection worked properly.
At the moment, when I took the code and integrated it to the android
application, it failed.
Is there any kind of proper way of work around?
Thank you
> Ldaps connection trusts all certificates
> ----------------------------------------
>
> Key: DIRAPI-301
> URL: https://issues.apache.org/jira/browse/DIRAPI-301
> Project: Directory Client API
> Issue Type: Bug
> Affects Versions: 1.0.0
> Environment: Windows 10 & Ubuntu 14.04
> Reporter: Natan Abolafya
> Labels: security
>
> Thankfully we had an integration test for this, otherwise this is a major
> security issue.
> This was working as expected on 1.0.0-RC2 but as soon as I bumped to 1.0.0,
> the test started failing. "Affects version" says there is no 1.0.0 btw, but
> Maven disagrees.
> I don't know about the raw APIs but this happens when
> `LdapConnectionTemplate` is used. Thankfully I was able to work around it by
> assigning Java's default TrustManager.
> LdapConnectionConfig config = new LdapConnectionConfig();
> ....
> TrustManagerFactory tmf =
> TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
> tmf.init((KeyStore) null);
> config.setTrustManagers(tmf.getTrustManagers());
> ...
> DefaultLdapConnectionFactory connectionFactory = new
> DefaultLdapConnectionFactory(config);
> return new LdapConnectionTemplate(new LdapConnectionPool(new
> ValidatingPoolableLdapConnectionFactory(connectionFactory))));
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
