Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8313369

com.sun.jndi.ldap.connect.timeout parameter does not work for ldaps (SSL)

XMLWordPrintable

      ADDITIONAL SYSTEM INFORMATION :
      openjdk version "11.0.19" 2023-04-18
      Open Edition 11.0.19.0 (build 11.0.19+7)
      Eclipse OpenJ9 VM 11.0.19.0 (build openj9-0.38.0, JRE 11 Linux amd64-64-Bit Compressed References 20230523_750 (JIT enabled, AOT enabled)
      OpenJ9 - d57d05932
      OMR - 855813495
      JCL - 629eb0c22b based on jdk-11.0.19+7)

      A DESCRIPTION OF THE PROBLEM :
      Just add the parameter com.sun.jndi.ldap.connect.timeout for ldaps (ldap over ssl), i am getting the error, java.net.SocketException: Unconnected sockets not implemented.

      It works fine for ldap without ssl.

      A DESCRIPTION OF THE PROBLEM :
      When i add the parameter com.sun.jndi.ldap.connect.timeout for ldaps (ldap over ssl), i am getting the error, java.net.SocketException: Unconnected sockets not implemented.

      The error is hit when calling the function, InitialLdapContext
      javax.naming.ldap.InitialLdapContext#InitialLdapContext(java.util.Hashtable<?,?>, javax.naming.ldap.Control[])

      It works fine for ldap without ssl.

      at java.base/java.lang.Thread.run(Unknown Source)
      Caused by: javax.naming.CommunicationException: 9.30.92.253:18636 [Root exception is java.net.SocketException: Unconnected sockets not implemented]


      Tried with and without -Dcom.sun.jndi.ldapURLParsing=legacy results are no different.
      -Djava.awt.headless=true -Djdk.attach.allowAttachSelf=true -Xms2048m -Xmx2048m -Dcom.sun.security.enableCRLDP=true -Dsun.net.inetaddr.ttl=30 -Dcom.sun.jndi.ldap.read.timeout=5000 -Dcom.sun.jndi.ldap.connect.pool.maxsize=200 -Dcom.sun.jndi.ldap.connect.pool.timeout=5000 -Dcom.sun.jndi.ldap.connect.pool.protocol=plain ssl -Dcom.sun.jndi.ldapURLParsing=legacy -Dcom.sun.jndi.ldap.object.disableEndpointIdentification=true

      Same as - https://bugs.openjdk.org/browse/JDK-8173451?attachmentViewMode=list

      STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
      Set the parameter, com.sun.jndi.ldap.connect.timeout to a value like 30000
      Create ldap connection over ssl




      EXPECTED VERSUS ACTUAL BEHAVIOR :
      EXPECTED -
      successful ldaps (ldap over ssl) connection should created.
      ACTUAL -
      Fails -
      at java.base/java.lang.Thread.run(Unknown Source)
      Caused by: javax.naming.CommunicationException: 9.30.92.253:18636 [Root exception is java.net.SocketException: Unconnected sockets not implemented]

      CUSTOMER SUBMITTED WORKAROUND :
      Don't set connection timeout which leads to indefinite waits and performance issues.
      Switch to non SSL over ldap.

      FREQUENCY : always


            aefimov Aleksej Efimov
            webbuggrp Webbug Group
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: