[ 
https://issues.apache.org/jira/browse/CONNECTORS-1244?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14905334#comment-14905334
 ] 

Karl Wright commented on CONNECTORS-1244:
-----------------------------------------

r1704939 creates a couple of classes which will support LDAP's use of SSL, as 
follows:

org.apache.manifoldcf.core.common.LDAPSSLSocketFactory
- should be referenced by LDAP configuration by name when SSL is used with 
LDAP; receives the desired SSLSocketFactoryProducer via thread local storage, 
since that's the only way to do it.

org.apache.manifoldcf.connectorcommon.keystore.TrustingSSLSocketFactoryProducer
- use only when there is no cert checking desired, otherwise use the standard 
KeystoreManager class.

I've convinced myself that using the Trusting class is probably a giant 
security hole in the case of the LDAP authority, so the next step is to provide 
UI support for keystore management.


> Support SSL in LDAP authority
> -----------------------------
>
>                 Key: CONNECTORS-1244
>                 URL: https://issues.apache.org/jira/browse/CONNECTORS-1244
>             Project: ManifoldCF
>          Issue Type: Improvement
>          Components: LDAP authority
>    Affects Versions: ManifoldCF 2.3
>            Reporter: Karl Wright
>            Assignee: Karl Wright
>             Fix For: ManifoldCF 2.3
>
>
> The LDAP authority doesn't work with LDAP instances that require SSL.  See 
> this link for what needs to be done to support SSL fully:
> http://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
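
The thread-local handoff described in the comment above, as an added Java sketch that is not ManifoldCF's code: JNDI is given a socket factory class name, calls its static getDefault(), and the factory picks up a certificate-validating delegate set by the calling thread. ThreadLocalLdapSocketFactory, setDelegate, clearDelegate, fromTrustStore and ldapsEnv are hypothetical names, and the example assumes the JDK LDAP provider calls getDefault() on the thread that opens the context.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.Hashtable;
import javax.naming.Context;
import javax.net.SocketFactory;
import javax.net.ssl.*;

// Hypothetical class for illustration; not ManifoldCF's LDAPSSLSocketFactory.
public class ThreadLocalLdapSocketFactory extends SocketFactory {
  // JNDI builds the factory from its class name, so the caller passes the delegate per thread.
  private static final ThreadLocal<SSLSocketFactory> DELEGATE = new ThreadLocal<>();
  private final SSLSocketFactory inner;

  private ThreadLocalLdapSocketFactory(SSLSocketFactory inner) { this.inner = inner; }
  public static void setDelegate(SSLSocketFactory f) { DELEGATE.set(f); }
  public static void clearDelegate() { DELEGATE.remove(); } // call in finally: pooled threads are reused

  // The JNDI LDAP provider looks up and calls this static method reflectively.
  public static SocketFactory getDefault() {
    SSLSocketFactory f = DELEGATE.get();
    // Fail closed rather than fall back to an unvalidated or default factory.
    if (f == null) throw new IllegalStateException("no SSLSocketFactory set for this thread");
    return new ThreadLocalLdapSocketFactory(f);
  }
  @Override public Socket createSocket() throws IOException { return inner.createSocket(); }
  @Override public Socket createSocket(String h, int p) throws IOException { return inner.createSocket(h, p); }
  @Override public Socket createSocket(String h, int p, InetAddress la, int lp) throws IOException { return inner.createSocket(h, p, la, lp); }
  @Override public Socket createSocket(InetAddress a, int p) throws IOException { return inner.createSocket(a, p); }
  @Override public Socket createSocket(InetAddress a, int p, InetAddress la, int lp) throws IOException { return inner.createSocket(a, p, la, lp); }

  // Validating delegate: server certificates must chain to an entry in the supplied trust store.
  public static SSLSocketFactory fromTrustStore(KeyStore trustStore) throws GeneralSecurityException {
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(trustStore);
    SSLContext ctx = SSLContext.getInstance("TLS");
    ctx.init(null, tmf.getTrustManagers(), null);
    return ctx.getSocketFactory();
  }
  // JNDI environment that references the factory by name, as the LDAP provider requires.
  public static Hashtable<String, String> ldapsEnv(String ldapsUrl) {
    Hashtable<String, String> env = new Hashtable<>();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, ldapsUrl);
    env.put(Context.SECURITY_PROTOCOL, "ssl");
    env.put("java.naming.ldap.factory.socket", ThreadLocalLdapSocketFactory.class.getName());
    return env;
  }
}
```

A caller would invoke setDelegate(fromTrustStore(ks)) before creating the InitialDirContext from ldapsEnv(url) and clearDelegate() in a finally block.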
