Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-14520

LDAP Plugin should support StartTLS extension

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: In Progress (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Component/s: ldap-plugin
    • Labels:
      None
    • Similar Issues:

      Description

      The Jenkins LDAP-Plugin doesn't support the LDAP StartTLS extension that we would need to access our LDAP server. See also this discussion on the mailing list: http://jenkins.361315.n4.nabble.com/StartTLS-td372639.html

      I have investigated a bit to check what would be needed to support that feature, and it seems that the version of acegi-security that Jenkins uses is too old. Spring-ldap supports StartTls since version 1.3.0 (which is part of Spring 3.0).

      I have also voted for JENKINS-5303 to upgrade acegi-security.

        Attachments

          Issue Links

            Activity

            Hide
            colinlinx Colin Silcock added a comment -

            +1 would like this

            Show
            colinlinx Colin Silcock added a comment - +1 would like this
            Hide
            chungley2000 Chung Ley added a comment -

            +1 would like this as well!

            Show
            chungley2000 Chung Ley added a comment - +1 would like this as well!
            Hide
            neej Michael Sjölund added a comment -

            +1 would like this as well..

            Show
            neej Michael Sjölund added a comment - +1 would like this as well..
            Hide
            malbanna Mohammad ALBanna added a comment -

            I've implemented StartTLS support inside Jenkins Ldap plugin on top of acegi-security we had only StartTLS ldap connection to work with internally.

            I am beautifying the code and making it readable "was in a hurry when first wrote this". When I added it, ldap plugin was on release 1.20, I am adding it to on top of release 1.24. Will create a branch for my fork and add it there, but might not be the nicest code you looked at.

            Show
            malbanna Mohammad ALBanna added a comment - I've implemented StartTLS support inside Jenkins Ldap plugin on top of acegi-security we had only StartTLS ldap connection to work with internally. I am beautifying the code and making it readable "was in a hurry when first wrote this". When I added it, ldap plugin was on release 1.20, I am adding it to on top of release 1.24. Will create a branch for my fork and add it there, but might not be the nicest code you looked at.
            Hide
            analogj Jason Kulatunga added a comment -

            I've opened a PR that adds STARTTLS support to the LDAP Plugin - https://github.com/jenkinsci/ldap-plugin/pull/97

            Its confirmed working in our environment, but I could use some help from developers who are familiar with Jenkins/Spring/Java to confirm that I didn't miss anything. 

            I'm fairly certain my PR breaks LDAPS support, but I have no way to confirm that.

            Show
            analogj Jason Kulatunga added a comment - I've opened a PR that adds STARTTLS support to the LDAP Plugin - https://github.com/jenkinsci/ldap-plugin/pull/97 Its confirmed working in our environment, but I could use some help from developers who are familiar with Jenkins/Spring/Java to confirm that I didn't miss anything.  I'm fairly certain my PR breaks LDAPS support, but I have no way to confirm that.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              jmairboeck Joachim Mairböck
              Votes:
              18 Vote for this issue
              Watchers:
              22 Start watching this issue

                Dates

                Created:
                Updated: