提交 6de8daee 编写于 作者: A aefimov

8176067: Proper directory lookup processing

Reviewed-by: weijun
上级 b4069b63
/* /*
* Copyright (c) 1999, 2012, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -1233,6 +1233,7 @@ public final class LdapClient implements PooledConnection { ...@@ -1233,6 +1233,7 @@ public final class LdapClient implements PooledConnection {
static final int LDAP_REF_FOLLOW = 0x01; // follow referrals static final int LDAP_REF_FOLLOW = 0x01; // follow referrals
static final int LDAP_REF_THROW = 0x02; // throw referral ex. static final int LDAP_REF_THROW = 0x02; // throw referral ex.
static final int LDAP_REF_IGNORE = 0x03; // ignore referrals static final int LDAP_REF_IGNORE = 0x03; // ignore referrals
static final int LDAP_REF_FOLLOW_SCHEME = 0x04; // follow referrals of the same scheme
static final String LDAP_URL = "ldap://"; // LDAPv3 static final String LDAP_URL = "ldap://"; // LDAPv3
static final String LDAPS_URL = "ldaps://"; // LDAPv3 static final String LDAPS_URL = "ldaps://"; // LDAPv3
......
/* /*
* Copyright (c) 1999, 2013, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -2413,6 +2413,9 @@ final public class LdapCtx extends ComponentDirContext ...@@ -2413,6 +2413,9 @@ final public class LdapCtx extends ComponentDirContext
// First determine the referral mode // First determine the referral mode
if (ref != null) { if (ref != null) {
switch (ref) { switch (ref) {
case "follow-scheme":
handleReferrals = LdapClient.LDAP_REF_FOLLOW_SCHEME;
break;
case "follow": case "follow":
handleReferrals = LdapClient.LDAP_REF_FOLLOW; handleReferrals = LdapClient.LDAP_REF_FOLLOW;
break; break;
...@@ -2975,8 +2978,23 @@ final public class LdapCtx extends ComponentDirContext ...@@ -2975,8 +2978,23 @@ final public class LdapCtx extends ComponentDirContext
r = new LdapReferralException(resolvedName, resolvedObj, remainName, r = new LdapReferralException(resolvedName, resolvedObj, remainName,
msg, envprops, fullDN, handleReferrals, reqCtls); msg, envprops, fullDN, handleReferrals, reqCtls);
// only one set of URLs is present // only one set of URLs is present
r.setReferralInfo(res.referrals == null ? null : Vector<String> refs;
res.referrals.elementAt(0), false); if (res.referrals == null) {
refs = null;
} else if (handleReferrals == LdapClient.LDAP_REF_FOLLOW_SCHEME) {
refs = new Vector<>();
for (String s : res.referrals.elementAt(0)) {
if (s.startsWith("ldap:")) {
refs.add(s);
}
}
if (refs.isEmpty()) {
refs = null;
}
} else {
refs = res.referrals.elementAt(0);
}
r.setReferralInfo(refs, false);
if (hopCount > 1) { if (hopCount > 1) {
r.setHopCount(hopCount); r.setHopCount(hopCount);
......
/* /*
* Copyright (c) 1999, 2011, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 1999, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -117,7 +117,8 @@ final public class LdapReferralException extends ...@@ -117,7 +117,8 @@ final public class LdapReferralException extends
// If following referral, request controls are passed to referral ctx // If following referral, request controls are passed to referral ctx
this.reqCtls = this.reqCtls =
(handleReferrals == LdapClient.LDAP_REF_FOLLOW ? reqCtls : null); (handleReferrals == LdapClient.LDAP_REF_FOLLOW ||
handleReferrals == LdapClient.LDAP_REF_FOLLOW_SCHEME ? reqCtls : null);
} }
/** /**
......
/* /*
* Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
* *
* This code is free software; you can redistribute it and/or modify it * This code is free software; you can redistribute it and/or modify it
...@@ -265,7 +265,7 @@ public final class LDAPCertStore extends CertStoreSpi { ...@@ -265,7 +265,7 @@ public final class LDAPCertStore extends CertStoreSpi {
*/ */
Hashtable<?,?> currentEnv = ctx.getEnvironment(); Hashtable<?,?> currentEnv = ctx.getEnvironment();
if (currentEnv.get(Context.REFERRAL) == null) { if (currentEnv.get(Context.REFERRAL) == null) {
ctx.addToEnvironment(Context.REFERRAL, "follow"); ctx.addToEnvironment(Context.REFERRAL, "follow-scheme");
} }
} catch (NamingException e) { } catch (NamingException e) {
if (debug != null) { if (debug != null) {
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册