差異處
這裏顯示兩個版本的差異處。
| Both sides previous revision 前次修改 下次修改 | 前次修改 | ||
|
java:ldap:spring:ldapauthenticationprovider:secureconnection [2016/05/10 22:47] tony |
java:ldap:spring:ldapauthenticationprovider:secureconnection [2023/06/25 09:48] (目前版本) |
||
|---|---|---|---|
| 行 108: | 行 108: | ||
| ldapContextSource.setPooled(false); | ldapContextSource.setPooled(false); | ||
| </code> | </code> | ||
| - | + | ===== 最後 ===== | |
| + | 除了以上內容外,還有些議題沒特別說明: | ||
| + | * **SSL + VerifyHostname**: Hostname驗證是為了抵禦中間人攻擊,因此SSL應也需要Hostname驗證。目前我已經有做法可以解決。 | ||
| + | * **Disable Connection Pool**: Connection Pool是為了減少重建連線的Effort,但目前Spring的StartTLS並無法正常使用。 | ||
| + | 這些議題有機會再研究與分享。 | ||
| ===== Reference ===== | ===== Reference ===== | ||
| * [[https://www.fastmail.com/help/technical/ssltlsstarttls.html|SSL VS. TLS VS. STARTTLS]] | * [[https://www.fastmail.com/help/technical/ssltlsstarttls.html|SSL VS. TLS VS. STARTTLS]] | ||
| 行 121: | 行 124: | ||
| * [[http://www.openldap.org/faq/data/cache/1063.html|TLS already started - Connection Pool]] | * [[http://www.openldap.org/faq/data/cache/1063.html|TLS already started - Connection Pool]] | ||
| * [[http://forum.spring.io/forum/spring-projects/data/ldap/19764-tls-and-setupauthenticatedenvironment|TLS already started - don't use ldaps]] | * [[http://forum.spring.io/forum/spring-projects/data/ldap/19764-tls-and-setupauthenticatedenvironment|TLS already started - don't use ldaps]] | ||
| - | |||
| ===== ===== | ===== ===== | ||
| ---- | ---- | ||
| \\ | \\ | ||
| ~~DISQUS~~ | ~~DISQUS~~ | ||
