-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New LdapService.authenticate()
API + TLS support
#384
Conversation
+ Use TLS security/encryption in Apache Library
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like a great idea and a good thing to have to fallback on.
* This method uses the underlying LDAP bind mechanism to verify user password and access. | ||
* | ||
* @param username -- sAMAccountName for user | ||
* @param password -- credentials for user |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just a nit: "credentials" makes me wonder right away that more than one thing is expected.
can the doc say: "user's AD password"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agree, fixing now
ret.useTls = true | ||
if (config.requireCert == false) { | ||
ret.setTrustManagers(new NoVerificationTrustManager()) | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As discussed with Lee, I will explore using a trust store here.
LdapService.authenticate()
API + TLS support
+ Wanted a more explicit / clear name for this flag, using term "verification" to match use of `NoVerificationTrustManager`
Authenticate method is provided as support for a Forms based (backup) authentication directly against local AD
Re: TLS secured connection, which is orthogonal