[jboss-jira] [JBoss JIRA] (WFCORE-2647) Add an option to always send the client SSL certificate to LDAP server
Peter Palaga (JIRA)
issues at jboss.org
Mon Apr 10 08:04:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2647?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13391399#comment-13391399 ]
Peter Palaga commented on WFCORE-2647:
--------------------------------------
bq. The system property should only be resolved within the OperationStepHandler - it should not be dynamically resolved at runtime.
+1 for the fix in the current version.
I suppose touching OperationStepHandler is not necessarily a requirement for older versions where we want only the sys prop without management model changes, right?
> Add an option to always send the client SSL certificate to LDAP server
> ----------------------------------------------------------------------
>
> Key: WFCORE-2647
> URL: https://issues.jboss.org/browse/WFCORE-2647
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Reporter: Peter Palaga
> Assignee: Peter Palaga
>
> This is the component issue for https://issues.jboss.org/browse/JBEAP-4439 and https://bugzilla.redhat.com/show_bug.cgi?id=1327758
> The present code in {{LdapConnectionManagerService}} was designed so that the client cert is sent to authenticate the search account but during the username / password verification step, the client cert is not sent.
> The present objective is to add an option (that will default to the old behavior) to send the client password also during the username / password verification.
> This includes (citing [~dlofthouse]):
> * Implement management model based configuration and an implementation for the current version
> * Port back to older versions using a system property.
> * Forward port the system property to the current version for compatibility.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list