LDAP - replace use of com.sun libraries

Description

Where LDAP is currently used, Openfire uses the com.sun.jndi.ldap classes - these are internal Oracle libraries, and ideally should not be used.

Use of these classes should be replaced with the Apache Directory LDAP API - http://directory.apache.org/api/ - which is a modern replacement. 

Environment

None

Activity

Show:
Greg Thomas
August 4, 2019, 8:55 PM
Edited

Note 1; I've subsequently found that whilst `com.sun.jndi.ldap.LdapCtxFactory` is to be avoided (it's a com.sun package, which is not available in all JREs and may disappear in future ones from Oracle, too), the underyling `javax.naming.ldap.*` classes are fine to use.

Note 2; It turns out (during the fix to the above, which is to replace the `com.sun.jndi.ldap.LdapCtxFactory` class by instantiating a new instance of `javax.naming.ldap.InitialLdapContext` that the code doesn't actually use `com.sun.jndi.ldap.LdapCtxFactory` anyway - it just looks like it does (it actually uses JiveInitialLdapContext which extends InitialLdapContext).

Assignee

Unassigned

Reporter

Greg Thomas

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Affects versions

Priority

Major