CrowdTlsDirContextAuthenticationStrategy (Atlassian Crowd 4.0.0 API)

java.lang.Object
- org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy
- - com.atlassian.crowd.directory.ssl.CrowdTlsDirContextAuthenticationStrategy

All Implemented Interfaces:

org.springframework.ldap.core.support.DirContextAuthenticationStrategy
```
public class CrowdTlsDirContextAuthenticationStrategy
extends org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy
```
This authentication strategy is replacement for DefaultTlsDirContextAuthenticationStrategy, and is a workaround for bug affecting JDK9-JDK13. Bug is fixed in JDK14. https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8217606 https://github.com/spring-projects/spring-ldap/issues/502
DefaultTlsDirContextAuthenticationStrategy initiates ssl connection and then performs an authentication. At the end of the authentication process LdapContext.reconnect(Control[]) is called. This call in JDK9-JDK13 creates new non-ssl connection, and replaces previously created ssl connection. This is a security vulnerability.

Constructor Summary

Constructors
Constructor and Description

CrowdTlsDirContextAuthenticationStrategy()

Constructors
Constructor and Description
`CrowdTlsDirContextAuthenticationStrategy()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`applyAuthentication(LdapContext ctx, String userDn, String password)`

Methods inherited from class org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy
processContextAfterCreation, setHostnameVerifier, setShutdownTlsGracefully, setSslSocketFactory, setupEnvironment

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- CrowdTlsDirContextAuthenticationStrategy
```
public CrowdTlsDirContextAuthenticationStrategy()
```

Method Detail

applyAuthentication

public void applyAuthentication(LdapContext ctx,
                                String userDn,
                                String password)
                         throws NamingException

Specified by:: applyAuthentication in class org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy
Throws:: NamingException

Class CrowdTlsDirContextAuthenticationStrategy

Constructor Summary

Method Summary

Methods inherited from class org.springframework.ldap.core.support.AbstractTlsDirContextAuthenticationStrategy

Methods inherited from class java.lang.Object

Constructor Detail

CrowdTlsDirContextAuthenticationStrategy

Method Detail

applyAuthentication