Derby
  1. Derby
  2. DERBY-870

Update documentation on setting up LDAP user authentication.

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 10.0.2.0, 10.0.2.1, 10.0.2.2, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6
    • Fix Version/s: 10.6.1.0
    • Component/s: Documentation
    • Labels:
      None

      Description

      http://db.apache.org/derby/docs/dev/devguide/rdevcsecure608.html
      This talks about needing jndi.jar , ldap.jar and providerUtil.jar.

      I think this is not true anymore with the latest 1.4.2 vms atleast, and should be updated. It seems like with 1.4.2 etc, all these classes are in rt.jar. Need to verify and the doc needs to be updated.

      1. DERBY-870.stat
        0.2 kB
        Kim Haase
      2. DERBY-870.diff
        9 kB
        Kim Haase
      3. cdevcsecure41285.html
        5 kB
        Kim Haase

        Issue Links

          Activity

          Hide
          Francois Orsini added a comment -

          Correct - Minor nit is that I think they started to be included at part of JRE 1.3.1...

          Show
          Francois Orsini added a comment - Correct - Minor nit is that I think they started to be included at part of JRE 1.3.1...
          Hide
          Jeff Levitt added a comment -

          Has this been verified? If someone can confirm what is now needed, I would be happy to make a patch to update this part of the doc.

          Show
          Jeff Levitt added a comment - Has this been verified? If someone can confirm what is now needed, I would be happy to make a patch to update this part of the doc.
          Hide
          Sunitha Kambhampati added a comment -

          I tried with 'no' additional jars and I could get LDAP authentication to work with derby with
          ibm142,jdk142,jdk15

          But with jdk141, ibm141, and ibm13- I get the following error

          This is what is in the DirContext.

          {java.naming.provider.url=ldaps://xyz.abc.com:636, ava.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.authentication=simple}

          ERROR 08004: Connection refused : javax.naming.NamingException: Cannot parse url: ldaps://xyz.abc.com:636 [Root exception is java.net.MalformedURLException: Not an LDAP URL: ldaps://xyz.abc.com:636]

          Not sure if this is related to since this is secure ldap.

          Has anyone else tried it out with 1.3.1 or 1.4.1 vms successfully. If so, please share your results. Thanks.

          Show
          Sunitha Kambhampati added a comment - I tried with 'no' additional jars and I could get LDAP authentication to work with derby with ibm142,jdk142,jdk15 But with jdk141, ibm141, and ibm13- I get the following error This is what is in the DirContext. {java.naming.provider.url=ldaps://xyz.abc.com:636, ava.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.authentication=simple} ERROR 08004: Connection refused : javax.naming.NamingException: Cannot parse url: ldaps://xyz.abc.com:636 [Root exception is java.net.MalformedURLException: Not an LDAP URL: ldaps://xyz.abc.com:636] Not sure if this is related to since this is secure ldap. Has anyone else tried it out with 1.3.1 or 1.4.1 vms successfully. If so, please share your results. Thanks.
          Hide
          Anders Morken added a comment -

          According to http://java.sun.com/j2se/1.3/docs/guide/jndi/index.html , yes, JNDI was included from the 1.3 release of Java. As this is the lowest version supported by Derby, I guess we can remove the referene to the jar file requirements. Also, http://java.sun.com/j2se/1.4.2/docs/guide/jndi/index.html states that Java 1.4.2 or above is required for ldaps:// URLs to work. I suppose we might add a mention of this somewhere instead, if we start supporting ldaps:// urls (see DERBY-1000).

          Show
          Anders Morken added a comment - According to http://java.sun.com/j2se/1.3/docs/guide/jndi/index.html , yes, JNDI was included from the 1.3 release of Java. As this is the lowest version supported by Derby, I guess we can remove the referene to the jar file requirements. Also, http://java.sun.com/j2se/1.4.2/docs/guide/jndi/index.html states that Java 1.4.2 or above is required for ldaps:// URLs to work. I suppose we might add a mention of this somewhere instead, if we start supporting ldaps:// urls (see DERBY-1000 ).
          Hide
          Kim Haase added a comment -

          I came across this issue while working on DERBY-4592. It appears that not only is "Libraries for LDAP user authentication" (rdevcsecure608.dita) obsolete, so is some of the language in "LDAP directory service" (cdevcsecure41285.dita) – the LDAP servers named in it are also obsolete. And since "Considerations when using Windows NT with LDAP" (cdevcsecure863611.dita) refers to one of these obsolete servers, that topic is also obsolete.

          I was just going to remove the reference to Sun from rdevcsecure608.dita, but I might as well fix these problems while I'm at it.

          Show
          Kim Haase added a comment - I came across this issue while working on DERBY-4592 . It appears that not only is "Libraries for LDAP user authentication" (rdevcsecure608.dita) obsolete, so is some of the language in "LDAP directory service" (cdevcsecure41285.dita) – the LDAP servers named in it are also obsolete. And since "Considerations when using Windows NT with LDAP" (cdevcsecure863611.dita) refers to one of these obsolete servers, that topic is also obsolete. I was just going to remove the reference to Sun from rdevcsecure608.dita, but I might as well fix these problems while I'm at it.
          Hide
          Kim Haase added a comment -

          Attaching DERBY-870.diff, DERBY-870.stat, and cdevcsecure41285.html, reflecting the following changes:

          M src/devguide/derbydev.ditamap
          D src/devguide/rdevcsecure608.dita
          D src/devguide/cdevcsecure863611.dita
          M src/devguide/cdevcsecure41285.dita

          I removed the two obsolete topics, added a mention of the LDAP classes in the JDK runtime jar to the main topic, and changed the list of LDAP servers to include current ones (at least according to Wikipedia). I also revised the map to make this shrunken topic group a simple family, deleting the relcells.

          I plan to commit this patch in a couple days unless I hear that changes are needed.

          Show
          Kim Haase added a comment - Attaching DERBY-870 .diff, DERBY-870 .stat, and cdevcsecure41285.html, reflecting the following changes: M src/devguide/derbydev.ditamap D src/devguide/rdevcsecure608.dita D src/devguide/cdevcsecure863611.dita M src/devguide/cdevcsecure41285.dita I removed the two obsolete topics, added a mention of the LDAP classes in the JDK runtime jar to the main topic, and changed the list of LDAP servers to include current ones (at least according to Wikipedia). I also revised the map to make this shrunken topic group a simple family, deleting the relcells. I plan to commit this patch in a couple days unless I hear that changes are needed.
          Hide
          Kim Haase added a comment -

          Having received no comments, committed patch DERBY-870.diff to documentation trunk at revision 927171.

          Show
          Kim Haase added a comment - Having received no comments, committed patch DERBY-870 .diff to documentation trunk at revision 927171.
          Hide
          Kim Haase added a comment -

          Changes have appeared in Latest Alpha Manuals, so closing.

          Show
          Kim Haase added a comment - Changes have appeared in Latest Alpha Manuals, so closing.

            People

            • Assignee:
              Kim Haase
              Reporter:
              Sunitha Kambhampati
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development