[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 Michael Osipov changed: What|Removed |Added CC||micha...@apache.org -- You are recei

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #7 from Michael Osipov --- (In reply to Mike Millson from comment #6) > (In reply to Michael Osipov from comment #1) > > The only SASL mech supporting this is GSSAPI and you can > > request GSS-API to completely encrypt your traffic

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #6 from Mike Millson --- (In reply to Michael Osipov from comment #1) > The only SASL mech supporting this is GSSAPI and you can > request GSS-API to completely encrypt your traffic with Kerberos > (auth-conf), no TLS necessary. Do

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #5 from Christopher Schultz --- (In reply to romain.manni-bucau from comment #4) > Assuming a new "String properties" property is added (with its setter) ... > Can't this issue move to a more generic properties support? Of course.

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #4 from romain.manni-bucau --- Hi, Maybe a side question/issue: JNDI realm is actually not a JNDI realm but more a sun JNDI realm in the sense its configuration is quite bound to a particular implementation. Assuming a new "String

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #3 from Michael Osipov --- (In reply to Christopher Schultz from comment #2) > Would it hurt anything to unconditionally add > com.sun.jndi.ldap.tls.cbtype=tls-server-end-point to the properties used to > initialize to the InitialCo

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #2 from Christopher Schultz --- Would it hurt anything to unconditionally add com.sun.jndi.ldap.tls.cbtype=tls-server-end-point to the properties used to initialize to the InitialContext? Or does this really need to be something con

[Bug 65302] Add support for setting com.sun.jndi.ldap.tls.cbtype

https://bz.apache.org/bugzilla/show_bug.cgi?id=65302 --- Comment #1 from Michael Osipov --- Why? I did several reviews of the ticket when it was discussed with security-dev@. The only SASL mech supporting this is GSSAPI and you can request GSS-API to completely encrypt your traffic with Kerberos