Pb solved.

I now have an issue with the startTLS extended request handling on the server.


Will look at it tonight.

On 17/01/2022 14:50, Emmanuel Lécharny wrote:
Ok, besides a few tweaks, MINA 2.2 works just fine with the LDAP API.

However, there was a removal of the SslSession from the IoSession, and it's used by the server in the ExternalSaslServer:

    public byte[] evaluateResponse( byte[] initialResponse ) throws SaslException
    {
        try
        {
            SSLSession sslSession = ( SSLSession ) getLdapSession().getIoSession().getAttribute( SslFilter.SSL_SESSION );
            Certificate[] peerCertificates = sslSession.getPeerCertificates();

            if ( null == peerCertificates || 1 > peerCertificates.length )
            {
                throw new SaslException( "No peer certificate provided - cancel bind." );
            }

            getLdapSession().setCoreSession( authenticate( peerCertificates[0] ) );
            state = NegotiationState.COMPLETED;
        }

We can most certainly get it back in MINA.



On 17/01/2022 09:37, Emmanuel Lécharny wrote:
Hi!

This morning, I will test the LDAP API (and the server) with a new version of MINA (2.2) which has a totally rewritten SSL handler.

Hopefully, it will solve the TLS 1.3 issue and be slightly faster.

I'll keep you informed!



--
*Emmanuel Lécharny - CTO* 205 Promenade des Anglais – 06200 NICE
T. +33 (0)4 89 97 36 50
P. +33 (0)6 08 33 32 61
[email protected] https://www.busit.com/
