RFR: 8245527: LDAP Cnannel Binding support for Java GSS/Kerberos
Daniel Fuchs
daniel.fuchs at oracle.com
Fri Jun 5 16:45:30 UTC 2020
Hi Alexey,
On 05/06/2020 17:33, Alexey Bakhtin wrote:
> Hi Daniel,
>
> Thank you for review
> Yes, I can move TlsChannelBinding class into the com.sun.jndi.ldap.sasl package and LdapClient related changes into the LdapSasl.saslBind method.
> Also, you are right with exceptions. I will rename them to the NamingException.
>
> However, I’d like to parse TLS Channel Binding property in the LdapCtx class. The reason is “com.sun.jndi.ldap.connect.timeout” property. This property should be set together with TLS Channel Binding. So, I’d like to verify if both properties are set before connection is started. The best place for it is LdapCtx.initEnv()
> Is it acceptable ?
Yes - I am OK with that.
Also - you will need a test. Ideally we'd want a test that verifies
that setting the new property works as expected.
Best regards,
-- daniel
>
> Thank you
> Alexey
More information about the security-dev
mailing list