Add JDK-8275535 patch to fix LDAP authentication issue.
Resolves: rhbz#2053523
This commit is contained in:
parent
3e6e30fbbb
commit
9d274e8023
@ -363,7 +363,7 @@
|
||||
%global top_level_dir_name %{origin}
|
||||
%global top_level_dir_name_backup %{top_level_dir_name}-backup
|
||||
%global buildver 1
|
||||
%global rpmrelease 1
|
||||
%global rpmrelease 2
|
||||
#%%global tagsuffix %%{nil}
|
||||
# Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
|
||||
%if %is_system_jdk
|
||||
@ -1290,6 +1290,8 @@ Patch3: rh649512-remove_uses_of_far_in_jpeg_libjpeg_turbo_1_4_compat_for_jdk1
|
||||
Patch4: pr3694-rh1340845-support_fedora_rhel_system_crypto_policy.patch
|
||||
# PR3695: Allow use of system crypto policy to be disabled by the user
|
||||
Patch7: pr3695-toggle_system_crypto_policy.patch
|
||||
# JDK-8275535, RH2053256: Retrying a failed authentication on multiple LDAP servers can lead to users blocked
|
||||
Patch8: jdk8275535-rh2053256-ldap_auth.patch
|
||||
|
||||
#############################################
|
||||
#
|
||||
@ -1721,6 +1723,8 @@ popd # openjdk
|
||||
%patch1015
|
||||
%patch1016
|
||||
|
||||
%patch8
|
||||
|
||||
# Extract systemtap tapsets
|
||||
%if %{with_systemtap}
|
||||
tar --strip-components=1 -x -I xz -f %{SOURCE8}
|
||||
@ -2492,6 +2496,10 @@ require "copy_jdk_configs.lua"
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Feb 23 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.14.1.1-2
|
||||
- Add JDK-8275535 patch to fix LDAP authentication issue.
|
||||
- Resolves: rhbz#2053523
|
||||
|
||||
* Fri Feb 18 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.14.1.1-1
|
||||
- Update to jdk-11.0.14.1+1
|
||||
- Update release notes to 11.0.14.1+1
|
||||
|
26
jdk8275535-rh2053256-ldap_auth.patch
Normal file
26
jdk8275535-rh2053256-ldap_auth.patch
Normal file
@ -0,0 +1,26 @@
|
||||
diff --git openjdk.orig/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java openjdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java
|
||||
index 300f3682655..6f3eb6c450b 100644
|
||||
--- openjdk.orig/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java
|
||||
+++ openjdk/src/java.naming/share/classes/com/sun/jndi/ldap/LdapCtxFactory.java
|
||||
@@ -226,6 +226,10 @@ final public class LdapCtxFactory implements ObjectFactory, InitialContextFactor
|
||||
ctx = getLdapCtxFromUrl(
|
||||
r.getDomainName(), url, new LdapURL(u), env);
|
||||
return ctx;
|
||||
+ } catch (AuthenticationException e) {
|
||||
+ // do not retry on a different endpoint to avoid blocking
|
||||
+ // the user if authentication credentials are wrong.
|
||||
+ throw e;
|
||||
} catch (NamingException e) {
|
||||
// try the next element
|
||||
lastException = e;
|
||||
@@ -278,6 +282,10 @@ final public class LdapCtxFactory implements ObjectFactory, InitialContextFactor
|
||||
for (String u : urls) {
|
||||
try {
|
||||
return getUsingURL(u, env);
|
||||
+ } catch (AuthenticationException e) {
|
||||
+ // do not retry on a different URL to avoid blocking
|
||||
+ // the user if authentication credentials are wrong.
|
||||
+ throw e;
|
||||
} catch (NamingException e) {
|
||||
ex = e;
|
||||
}
|
Loading…
Reference in New Issue
Block a user