[ https://issues.apache.org/jira/browse/QPID-8208?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Rudyy updated QPID-8208: ----------------------------- Description: There is a weakness in Qpid exception handling when communication with external services like LDAP. The Broker should take a more defensive approach and handle unexpected exceptions thrown by underlying third-party API in addition to exceptions declared in API interfaces. The unexpected exceptions thrown by underlying API should not affect the stability of the Broker. It was reported that on establishment of connection with LDAP using default context factory {{com.sun.jndi.ldap.LdapCtxFactory}} the creation of {{InitialDirContext}} can end-up in unexpected exception thrown from {{com.sun.jndi.ldap.LdapClient}}. It looks like a defect in {{com.sun.jndi.ldap.LdapClient}}, but I could not find any existing open bug report raised against JVM with similar behaviour. I think that Broker should catch unexpected exception, log it and report authentication failure back to the client. was: There is a weakness in Qpid exception handling when communication with external services like LDAP. The Broker should take a more defensive approach and handle unexpected exceptions thrown by underlying third-party API in addition to exceptions declared in API interfaces. The unexpected exceptions thrown by underlying API should not affect the stability of the Broker. It was reported that on establishment of connection with LDAP using default context factory {{com.sun.jndi.ldap.LdapCtxFactory}} the creation of {{InitialDirContext}} can end-up in unexpected exception thrown from {{com.sun.jndi.ldap.LdapClient}}. It looks like a defect in {{com.sun.jndi.ldap.LdapClient}}, but I could not find any existing open bug report raised against with similar behaviour. I think that Broker should catch unexpected exception, log it and report authentication failure back to the client. > [Broker-J] Improve handling of unexpected exceptions on establishing LDAP > connections in SimpleLDAPAuthenticationProvider > -------------------------------------------------------------------------------------------------------------------------- > > Key: QPID-8208 > URL: https://issues.apache.org/jira/browse/QPID-8208 > Project: Qpid > Issue Type: Improvement > Components: Broker-J > Affects Versions: qpid-java-6.1.6, qpid-java-broker-7.0.3, > qpid-java-broker-7.0.2, 0.32, qpid-java-6.0, qpid-java-6.0.1, > qpid-java-6.0.2, qpid-java-6.0.3, qpid-java-6.0.4, qpid-java-6.0.5, > qpid-java-6.1, qpid-java-6.0.6, qpid-java-6.1.1, qpid-java-6.1.2, > qpid-java-6.0.7, qpid-java-6.1.3, qpid-java-6.0.8, qpid-java-6.1.4, > qpid-java-broker-7.0.0, qpid-java-6.1.5, qpid-java-broker-7.0.1, > qpid-java-broker-7.0.4 > Reporter: Alex Rudyy > Priority: Critical > Fix For: qpid-java-broker-7.0.6 > > Attachments: 0001-QPID-8208-Broker-J-Improve-exception-handling.patch > > > There is a weakness in Qpid exception handling when communication with > external services like LDAP. The Broker should take a more defensive approach > and handle unexpected exceptions thrown by underlying third-party API in > addition to exceptions declared in API interfaces. The unexpected exceptions > thrown by underlying API should not affect the stability of the Broker. > It was reported that on establishment of connection with LDAP using default > context factory {{com.sun.jndi.ldap.LdapCtxFactory}} the creation of > {{InitialDirContext}} can end-up in unexpected exception thrown from > {{com.sun.jndi.ldap.LdapClient}}. It looks like a defect in > {{com.sun.jndi.ldap.LdapClient}}, but I could not find any existing open bug > report raised against JVM with similar behaviour. I think that Broker should > catch unexpected exception, log it and report authentication failure back to > the client. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org