Uploaded image for project: 'Directory ApacheDS'
  1. Directory ApacheDS
  2. DIRSERVER-2329

Replication trust manager improvements

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.0.0.AM27
    • None
    • None

    Description

      There are some improvements that should be made regarding trust manager configuration for Replication:

      1. In ReplicationTrustManager, the static block is not initialized before the constructor (at least in the tests), leading to a NPE.
      2. SyncReplConfiguration defaults to NoVerificationTrustManager, which is not secure, even though this is inconsistent with the value for strictCertVerification (true)
      3. The CreateConsumer annotation has a trustManager setting which is not used anywhere
      4. The ServerAnnotationProcessor does not wire the value for CreateConsumer.strictCertVerification()

      Attachments

        Issue Links

          is related to

          Task - A task that needs to be done. DIRSERVER-2328 CreateAuthenticator annotation trust manager improvements

          • Major - Major loss of function.
          • Resolved
          relates to

          Task - A task that needs to be done. DIRSERVER-2330 StartTlsHandler and LdapsInitializer use NoVerificationTrustManager

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #43

          Activity

            People

              coheigea Colm O hEigeartaigh
              coheigea Colm O hEigeartaigh
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: