RFR: 8275535: Retrying a failed authentication on multiple LDAP servers can lead to users blocked
Martin Balao
mbalao at openjdk.java.net
Thu Dec 16 01:26:03 UTC 2021
On Wed, 17 Nov 2021 20:04:50 GMT, Martin Balao <mbalao at openjdk.org> wrote:
>> Hi Martin,
>>
>> The change looks reasonable to me.
>> I would suggest having a CSR logged for this change due to the following [behavioral incompatibility](https://wiki.openjdk.java.net/display/csr/Kinds+of+Compatibility):
>> Before the change - all available endpoints/URLs are tried to create an LDAP context.
>> With the proposed change - incorrect credentials will prevent other endpoints to be exercised to create an LDAP context.
>>
>> Having a CSR will also help to document difference in handling `AuthenticationException` and `NamingException` during construction of an LDAP context from the list of endpoints acquired from a LDAP DNS provider.
>
> Hi @AlekseiEfimov
>
> Can you please review the CSR [1]?
>
> Thanks,
> Martin.-
>
> --
> [1] - https://bugs.openjdk.java.net/browse/JDK-8276959
> @martinuy This pull request has been inactive for more than 4 weeks and will be automatically closed if another 4 weeks passes without any activity. To avoid this, simply add a new comment to the pull request. Feel free to ask for assistance if you need help with progressing this pull request towards integration!
Please do not close, waiting for CSR approval.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6043
More information about the core-libs-dev
mailing list