yammer / dropwizard-auth-ldap

Dropwizard Authentication Module for LDAP using JNDI.
Apache License 2.0

TLS support #10

Closed DOSarrest closed 7 years ago

DOSarrest commented 7 years ago

Can you add TLS support? SSL versions are no longer recommended in many environments due to security concerns.

chrisgray commented 7 years ago

Sure, let me take a look at adding this.

DOSarrest commented 7 years ago

We have made a fork which should be working with TLS here... https://github.com/DOSarrest/dropwizard-auth-ldap We are not sure if this is still compatible with SSL because we do not have one available. We added a boolean TLS flag and converted the AutoclosingDirContext to AutoclosingLdapContext, which extends InitialLdapContext. This was necessary because TLS can only be initialized through InitialLdapContext, by adding an extended operation which initiates the StartTLS request.

DOSarrest commented 7 years ago

If you are satisfied with the changes and would like us to make a pull request please let us know.

chrisgray commented 7 years ago

I added this functionality in the 1.0.3 release. TLS negotiation is now enabled by default, and if it fails it falls back to ldap or ldaps depending on the original URI you configured. You can disable TLS negotiation by setting negotiateTls: false in the configuration, but otherwise it is set to true by default.
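The StartTLS extended operation on an InitialLdapContext discussed in this thread, written out with plain JNDI as an added example; it is not code from the fork or from the 1.0.3 release. This sketch takes the strict option: if negotiation fails it throws instead of binding over plaintext, so credentials are only ever sent on the upgraded connection. The class name, host and DN are placeholders.

```java
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

public class StartTlsBindExample {  // hypothetical class, for illustration only

    /** True only if StartTLS succeeded and the server accepted the bind over it. */
    static boolean bindOverStartTls(String url, String userDn, String password)
            throws NamingException {
        // An empty password would be an unauthenticated bind, which many servers accept.
        if (password == null || password.isEmpty()) return false;
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);  // ldap:// URL; TLS is started in-band
        // No credentials in env, so nothing sensitive is sent before TLS is up.
        LdapContext ctx = new InitialLdapContext(env, null);
        StartTlsResponse tls = null;
        try {
            tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
            tls.negotiate();  // default trust store and hostname verification
            ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.reconnect(ctx.getConnectControls());  // bind on the TLS-protected connection
            return true;
        } catch (AuthenticationException e) {
            return false;  // TLS was fine, credentials were rejected
        } catch (IOException e) {
            // Fail closed: do not retry the bind without TLS.
            NamingException ne = new NamingException("StartTLS failed; refusing plaintext bind");
            ne.setRootCause(e);
            throw ne;
        } finally {
            if (tls != null) try { tls.close(); } catch (IOException ignored) { }
            ctx.close();
        }
    }

    public static void main(String[] args) throws NamingException {
        // Placeholder host, DN and password; replace with values for a test directory.
        System.out.println(bindOverStartTls("ldap://ldap.example.com:389",
                "uid=jdoe,ou=people,dc=example,dc=com", "placeholder-password"));
    }
}
```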

chrisgray commented 7 years ago

Closing due to inactivity.