Closed DOSarrest closed 7 years ago
Sure let me take a look at adding this
We have made a fork which should be working with TLS here... https://github.com/DOSarrest/dropwizard-auth-ldap We am not sure if this is still compatible with SSL because we do not have one available. We added a boolean TLS flag and converted the AutoclosingDirContext to AutoclosingLdapContext which extends InitialLdapContext. This was necessary because TLS can only be initialized through InitialLdapContext through adding an extended operation which initiates the StartTLS request.
If you are satisfied with the changes and would like us to make a pull request please let us know.
I added this functionality in the 1.0.3 release. TLS negotiation is now enabled by default and if it fails it falls back to ldap or ldaps depending on the original URI you configured. You can disable TLS negotiation by setting negotiateTls: false
in the configuraiton, but otherwise it is set to true
by default.
closing due to inactivity
Can you add TLS support? SSL versions are no longer recommended in many environments due to security concerns.