RFR: 8245527: LDAP Cnannel Binding support for Java GSS/Kerberos
Sean Mullan
sean.mullan at oracle.com
Mon Jul 6 20:11:47 UTC 2020
Hi Alexey,
This may have been discussed already, but can you explain why the
"com.sun.jndi.ldap.connect.timeout" property needs to be set in order to
use this feature? That property is mostly used in tests to avoid long
socket timeouts, etc.
Why does that need to be set? What problem are you trying to solve?
--Sean
On 7/3/20 11:31 AM, Alexey Bakhtin wrote:
>
>> I would suggest removing it. At least for the SASL GSS-API mech, it seems the GSSContext object will not be leaked and no one has a chance to call setChannelBinding again on it.
>>
>> There is no spec saying setChannelBinding() can only be called once, so I'd rather we don't enforce that, although you might say there is no need to call it twice.
>
> OK.
> GSSContextImpl class is removed from patch.
>
> Webrev : http://cr.openjdk.java.net/~abakhtin/8245527/webrev.v11
>
> Thank you
> Alexey
>
More information about the core-libs-dev
mailing list