search

ramakrishnach04 / vt-middleware

Automatically exported from code.google.com/p/vt-middleware
0 stars 0 forks source link

vt-ldap: ldaps certificate hostname validation #129

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
JNDI does not perform hostname validation for LDAPS.

References:
http://docs.oracle.com/javase/1.5.0/docs/guide/security/jsse/JSSERefGuide.html
(see Remote Entity Verification)
https://forums.oracle.com/forums/thread.jspa?messageID=4694826&#4694826
https://issues.apache.org/jira/browse/DIRSTUDIO-263

Modify the connection handler to detect whether LDAPS is being used and install 
a hostname verifier if no SSLSocketFactory has been configured.

Original issue reported on code.google.com by dfis...@gmail.com on 23 Jan 2012 at 4:05

GoogleCodeExporter commented 8 years ago 
Hostname verifier should match the implementation used by startTLS as near as 
possible.

Original comment by dfis...@gmail.com on 23 Jan 2012 at 4:06

GoogleCodeExporter commented 8 years ago 
Committed fix in r2217.

Original comment by dfis...@gmail.com on 23 Jan 2012 at 7:58

GoogleCodeExporter commented 8 years ago

Original comment by dfis...@gmail.com on 21 Feb 2012 at 9:37