差異處

這裏顯示兩個版本的差異處。

連向這個比對檢視

Both sides previous revision 前次修改
下次修改 		前次修改
java:ldap:spring:ldapauthenticationprovider:secureconnection [2016/05/10 22:47]
tony [Reference] 		java:ldap:spring:ldapauthenticationprovider:secureconnection [2023/06/25 09:48] (目前版本)
行 108: 行 108:
 ldapContextSource.setPooled(false);​ ldapContextSource.setPooled(false);​
 </​code>​ </​code>​
- +===== 最後 ​===== 
- +除了以上內容外,還有些議題沒特別說明:​ 
- +  * **SSL + VerifyHostname**Hostname驗證是為了抵禦中間人攻擊,因此SSL應也需要Hostname驗證。目前我已經有做法可以解決。 
-===== Reference ​===== +  * **Disable Connection Pool**Connection Pool是為了減少重建連線的Effort,但目前Spring的StartTLS並無法正常使用。 
-  * [[http://​www.openldap.org/​faq/​data/​cache/​1063.html|TLS already started - Connection Pool]] +這些議題有機會再研究與分享。
-  * [[http://​forum.spring.io/​forum/​spring-projects/​data/​ldap/​19764-tls-and-setupauthenticatedenvironment|TLS already started - don't use ldaps]]+
 ===== Reference ===== ===== Reference =====
   * [[https://​www.fastmail.com/​help/​technical/​ssltlsstarttls.html|SSL VS. TLS VS. STARTTLS]]   * [[https://​www.fastmail.com/​help/​technical/​ssltlsstarttls.html|SSL VS. TLS VS. STARTTLS]]
行 123: 行 122:
   * [[http://​www.cisco.com/​c/​en/​us/​support/​docs/​security/​firesight-management-center/​118738-configure-firesight-00.html|UI Design of Firesight system]]   * [[http://​www.cisco.com/​c/​en/​us/​support/​docs/​security/​firesight-management-center/​118738-configure-firesight-00.html|UI Design of Firesight system]]
   * [[http://​www.derekseaman.com/​2011/​06/​citrix-netscaler-active-directory.html|UI Design of Citrix-Netscaler]]   * [[http://​www.derekseaman.com/​2011/​06/​citrix-netscaler-active-directory.html|UI Design of Citrix-Netscaler]]
 +  * [[http://​www.openldap.org/​faq/​data/​cache/​1063.html|TLS already started - Connection Pool]] 
 +  * [[http://​forum.spring.io/​forum/​spring-projects/​data/​ldap/​19764-tls-and-setupauthenticatedenvironment|TLS already started - don't use ldaps]]
 =====  ===== =====  =====
 ---- ----
 \\ \\
 ~~DISQUS~~ ~~DISQUS~~