External-Mirrors/keycloak
2
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-01-09 15:02:05 -03:30
Code Issues Packages Projects Releases Wiki Activity

Fix ldap:// with STARTTLS

Browse Source 
Closes: #21935
This commit is contained in:
Hynek Mlnarik 2023-09-13 17:29:11 +02:00 committed by Hynek Mlnařík
parent 088abcf1d2
commit 8effe31fdf
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
federation/ldap/src/main/java/org/keycloak/storage/ldap/idm/store/ldap/LDAPContextManager.java
View File

@ -192,7 +192,7 @@ public final class LDAPContextManager implements AutoCloseable {
// when using Start TLS, use default socket factory for LDAP client but pass the TrustStore SSL socket factory later
// when calling StartTlsResponse.negotiate(trustStoreSSLSocketFactory)
if (LDAPUtil.shouldUseTruststoreSpi(ldapConfig)) {
if (!ldapConfig.isStartTls() && LDAPUtil.shouldUseTruststoreSpi(ldapConfig)) {
env.put("java.naming.ldap.factory.socket", "org.keycloak.truststore.SSLSocketFactory");
}