LDAP/TLS regression in 8u272
Alvarez, David
alvdavi at amazon.com
Fri Oct 30 13:43:21 UTC 2020
Hi,
JDK-8214440 lists JDK-8160768 [1] as a related bug. JDK-8160768 was
added in 8u272, that would explain why the failure appears now.
Although JDK-8214440 has been included in 8u271, there is no backport
for openjdk8u272. 8u271 would be Oracle's distribution
David
--
[1] https://bugs.openjdk.java.net/browse/JDK-8160768
On Fri, 2020-10-30 at 14:18 +0100, Thorsten Meinl wrote:
> Error verifying signature: Cannot verify message signature:
> Incorrect message format
> CAUTION: This email originated from outside of the organization. Do
> not click links or open attachments unless you can confirm the sender
> and know the content is safe.
>
>
>
> Hi,
>
> > It might be. Does it work with JDK 11? Would you have a reproducer
> > for
> > this issue?
>
> We have other services using LDAP with TLS that run on Java 11 (JFrog
> Artifactory - Java 11.0.7, Sonarqube - Java 11.0.8) which don't have
> that
> problem.
> For reproducing you need an LDAP server configured with TLS and a
> Tomcat
> installation. Configure Tomcat with the LDAP server as authentication
> realm,
> e.g.
>
> <Realm className="org.apache.catalina.realm.JNDIRealm"
> connectionURL="ldap://ldap:389"
> useStartTls="true"
> userBase = "ou=people, dc=knime, dc=com"
> userSearch = "(cn={0})"
> roleBase="ou=groups,dc=knime,dc=com"
> roleName="cn"
> roleSearch="(member={0})"
> />
>
> I also found
>
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972962
>
> and
>
> https://bugs.openjdk.java.net/browse/JDK-8214440
>
> which looks like exactly the same issue. The latter was supposed to
> be
> backported to 8u261. 8u265 didn't have that issue but 8u272 does.
> Maybe the
> backport got lost?
>
> Thanks,
>
> Thorsten
>
>
> --
> Dr.-Ing. Thorsten Meinl
> KNIME AG
> Hardturmstrasse 66
> 8005 Zurich, Switzerland
>
> --nextPart145846656.RtB02Ng89z--
More information about the jdk8u-dev
mailing list