LDAP authn connection strategy with multiple URLs and UnboundID
Description
Environment
Activity
Vlad Mencl August 22, 2021 at 11:44 PM
Hi Scott,
Thanks for the reply.
Yes, I know the documentation is a wiki - and so anyone can edit it - but I felt official documentation / supported features should only be edited (or added) by the core team.
The properties were added in the commit linked at the very start of this ticket: http://git.shibboleth.net/view/?p=java-identity-provider.git;a=commit;h=fda9b4f1ff0b1bc4d6202e86f8b47ff85b703b69
I’ve now added them to the respective pages (as per my previous comment), with description taken from what the above commit added to ldap.properties.
Hope this is all good.
Cheers,
Vlad
Scott Cantor August 20, 2021 at 1:37 PM
@Vlad Mencl I would really suggest you just add them, you seem to know what they actually are and I don’t have any memory of it.
Vlad Mencl August 20, 2021 at 10:24 AM
Hi, thanks for fixing this. Just found the details here in the issue (and the commit link) - just wondering whether the new properties ( idp.authn.LDAP.connectionStrategy and idp.attribute.resolver.LDAP.connectionStrategy ) should be documented at https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631612/LDAPAuthnConfiguration and https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631572/LDAPConnector ?
Cheers,
Vlad
Scott Cantor December 4, 2020 at 1:44 PM
@Daniel Fisher That copy of the schema is the old one, the current defs are in the main resolver namespace.
Review the parsing of multiple LDAP URLs as it relates to the `DefaultConnectionStrategy`. There is likely breaking changes there with regard to JNDI functionality.
Note that the LDAP attribute resolver uses the `ActivePassiveConnectionStrategy` by default and regardless of the findings here, the authn components should default to the same strategy to provide parity.