New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add referral handling #25

dfish3r opened this Issue Feb 24, 2015 · 1 comment


None yet
1 participant
Copy link

dfish3r commented Feb 24, 2015

Providers do not leverage existing connection configuration when following referrals.
This can lead to security issues when following referrals as credentials may be replayed over an insecure connection.
In particular, JNDI will follow referrals without issuing a startTLS operation on referral connections.

dfish3r added a commit that referenced this issue Feb 24, 2015

Refactor LdapURL to support RFC 4516 LDAP URLs.
Referral support depends on the ability to parse LDAP URLs.
See #25.

dfish3r added a commit that referenced this issue Feb 24, 2015

Add support for following referrals.
Add ReferralHandler interface.
Provide common ReferralHandler implementations.
Remove Request#followReferrals, add Request#setReferralHandler.
Update providers as necessary.
Update integration tests as necessary.
See #25.

This comment has been minimized.

Copy link

dfish3r commented Mar 17, 2015

Resolved in #26

@dfish3r dfish3r closed this Mar 17, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment