DSpace / DS-1518

Support StartTLS in LDAPAuthentication

    Details

    • Attachments:
      0
    • Comments:
      10
    • Documentation Status:
      Complete or Committed

      Description

      The LDAPAuthentication authentication method doesn't support the StartTLS extension, which lets DSpace communicate with the LDAP server over a standard TLS-secured channel.

      Please note that this is a different form of communication from LDAPS, which is supported. LDAPS is a separate protocol on port 636, while LDAP over TLS is on standard LDAP port 389.

      The LDAPAuthentication class is here:
      https://github.com/DSpace/DSpace/blob/dspace-3_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java

      An example of how to implement StartTLS is here:
      http://docs.oracle.com/javase/jndi/tutorial/ldap/ext/starttls.html

      StartTLS should be an optional boolean parameter in [dspace]/config/modules/authentication-ldap.conf
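
An added example (not DSpace's code and not part of the issue) of the sequence the description asks for, using the JNDI classes from the linked Oracle tutorial: connect on the plain LDAP port, upgrade with StartTLS, and only then bind. The `useStartTls` parameter, the class and method names, the host and the DN are assumptions made for illustration.

```java
import java.io.IOException;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import javax.naming.ldap.StartTlsRequest;
import javax.naming.ldap.StartTlsResponse;

public class StartTlsBindExample {
    // useStartTls stands in for the optional boolean setting (hypothetical name).
    static boolean authenticate(String ldapUrl, String userDn, String password,
                                boolean useStartTls) {
        // An empty password turns a simple bind into an unauthenticated bind,
        // which many servers accept, so reject it before touching the network.
        if (password == null || password.isEmpty()) { return false; }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, ldapUrl); // plain ldap:// URL, port 389
        // No credentials in env: the first connection is anonymous and cleartext.
        LdapContext ctx = null;
        StartTlsResponse tls = null;
        try {
            ctx = new InitialLdapContext(env, null);
            if (useStartTls) {
                tls = (StartTlsResponse) ctx.extendedOperation(new StartTlsRequest());
                // TLS handshake; throws if the certificate or hostname check fails.
                tls.negotiate();
            }
            // Credentials are added only after the upgrade, so they travel over TLS.
            ctx.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
            ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, userDn);
            ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, password);
            ctx.getAttributes(""); // first operation performs the bind
            return true;
        } catch (NamingException | IOException e) {
            return false; // fail closed: never fall back to a cleartext bind
        } finally {
            try { if (tls != null) tls.close(); } catch (IOException ignored) { }
            try { if (ctx != null) ctx.close(); } catch (NamingException ignored) { }
        }
    }
    public static void main(String[] args) {
        // Constructed sample values; ldap.example.org is a placeholder host.
        System.out.println(authenticate("ldap://ldap.example.org:389",
                "uid=jdoe,ou=people,dc=example,dc=org", "secret", true));
    }
}
```

With `useStartTls` set to false the same bind goes out unencrypted on port 389, which is the exposure the setting is meant to close.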

            People

            • Assignee:
              helix84 Ivan Masár
              Reporter:
              helix84 Ivan Masár
            • Votes:
              4
              Watchers:
              7
