JAAS ldap issue
Peter Schober
peter.schober at univie.ac.at
Wed Jun 3 13:59:12 UTC 2020
* Cantor, Scott <cantor.2 at osu.edu> [2020-06-03 02:59]:
> FWIW, in V4 you MUST use ldaps:// URLs for TLS connections and
> useSSL does nothing anymore (it's driven by the URL alone)
>From the docs
https://wiki.shibboleth.net/confluence/display/IDP4/LDAPAuthnConfiguration#LDAPAuthnConfiguration-Properties
I'd have thought I'd have to use:
* ldap:// with useStartTLS=true for LDAP+STARTTLS
* ldap:// with useStartTLS=false for (plain) LDAP
* ldaps:// for non-standard LDAP-over-SSL (useStartTLS irrelevant)?
Or would I use ldaps:// in both cases (LDAPS vs. LDAP+STARTTLS) and
differentiate between LDAP-over-SSL and LDAP+STARTTLS using
useStartTLS=false and true, respectively? I think not but the above
confuses me slightly...
-peter
More information about the users
mailing list