Directory Client API
  1. Directory Client API
  2. DIRAPI-51

Add cipher suite support to LdapConnectionConfig

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 1.0.0-M5
    • Fix Version/s: 1.0.0-M6
    • Labels:
      None

      Description

      The current implementation of LdapConnectionConfig exposes properties for KeyManager[] and TrustManager[], but not supported cipher suites. Some clients like to control ciphers on a connection-by-connection basis, restricting to only certain strong ciphers. See http://download.oracle.com/javase/6/docs/api/javax/net/ssl/SSLSocketFactory.html

      It may be more expedient to remove the KeyManager and TrustManager properties and expose a single property for an SSLSocketFactory.

        Activity

        Hide
        Pierre-Arnaud Marcelot added a comment -

        Fixed at revision 1143489.
        http://svn.apache.org/viewvc?rev=1143489&view=rev

        I added a specific field to the LdapConnectionConfig class.
        Our use of Apache Mina's SSL Filter does not allow us to provide a property for SSLSocketFactory.

        Show
        Pierre-Arnaud Marcelot added a comment - Fixed at revision 1143489. http://svn.apache.org/viewvc?rev=1143489&view=rev I added a specific field to the LdapConnectionConfig class. Our use of Apache Mina's SSL Filter does not allow us to provide a property for SSLSocketFactory.

          People

          • Assignee:
            Pierre-Arnaud Marcelot
            Reporter:
            Daniel Fisher
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development