Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-36041

default ldap timeouts are inappropriate

    XMLWordPrintable

Details

    Description

      when com.sun.jndi.ldap.read.timeout and com.sun.jndi.ldap.connect.timeout are not set the plugin uses the system defaults which are in appropriate. If not set the plugin should set them to something appropriate.

      Attachments

        Issue Links

          Activity

            Will be released in version 2.1

            fbelzunc Félix Belzunce Arcos added a comment - Will be released in version 2.1

            Code changed in jenkins
            User: Felix Belzunce Arcos
            Path:
            src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
            src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
            http://jenkins-ci.org/commit/active-directory-plugin/f80f9555dbe17d61bd4e310e996cd95ee90fad1a
            Log:
            Merge pull request #62 from fbelzunc/JENKINS-36041-v4

            [FIXED JENKINS-36041 JENKINS-25269] Enable com.sun.jndi.ldap.connect.timeout

            Compare: https://github.com/jenkinsci/active-directory-plugin/compare/95effde74165...f80f9555dbe1

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Felix Belzunce Arcos Path: src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java http://jenkins-ci.org/commit/active-directory-plugin/f80f9555dbe17d61bd4e310e996cd95ee90fad1a Log: Merge pull request #62 from fbelzunc/ JENKINS-36041 -v4 [FIXED JENKINS-36041 JENKINS-25269] Enable com.sun.jndi.ldap.connect.timeout Compare: https://github.com/jenkinsci/active-directory-plugin/compare/95effde74165...f80f9555dbe1

            Code changed in jenkins
            User: Félix Belzunce Arcos
            Path:
            src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java
            src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java
            http://jenkins-ci.org/commit/active-directory-plugin/7b68679b4425ae12700ed2b0dd3ec0df16f91343
            Log:
            JENKINS-36041 Enable com.sun.jndi.ldap.connect.timeout

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Félix Belzunce Arcos Path: src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java http://jenkins-ci.org/commit/active-directory-plugin/7b68679b4425ae12700ed2b0dd3ec0df16f91343 Log: JENKINS-36041 Enable com.sun.jndi.ldap.connect.timeout

            The issue seems to be
            https://github.com/jenkinsci/active-directory-plugin/blob/active-directory-2.0/src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java#L572 specifically because the property should not be added if the connection is not running through SSL. Once you correctly handle this, DEFAULT_LDAP_CONNECTION_TIMEOUT seems to work. I am working on a fix.

            newProps.put("java.naming.ldap.factory.socket",TrustAllSocketFactory.class.getName());
            
            fbelzunc Félix Belzunce Arcos added a comment - The issue seems to be https://github.com/jenkinsci/active-directory-plugin/blob/active-directory-2.0/src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java#L572 specifically because the property should not be added if the connection is not running through SSL. Once you correctly handle this, DEFAULT_LDAP_CONNECTION_TIMEOUT seems to work. I am working on a fix. newProps.put( "java.naming.ldap.factory.socket" ,TrustAllSocketFactory. class. getName());
            teilo James Nord added a comment -

            [https://bugs.openjdk.java.net/browse/JDK-8139721 | JDK-8139721]

            However the workaround seems not to work...

            teilo James Nord added a comment - [https://bugs.openjdk.java.net/browse/JDK-8139721 | JDK-8139721] However the workaround seems not to work...

            People

              fbelzunc Félix Belzunce Arcos
              teilo James Nord
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: