-
Bug
-
Resolution: Fixed
-
P3
-
8u401
-
b01
Our applications throw the following exception:
Caused by: javax.naming.CommunicationException: cefrlb-eas33.ce.sdxcorp.net:636 [Root exception is java.lang.ClassCastException: com.sap.security.core.server.https.SecureConnectionFactory (loaded by library:security.class@85328 com.sap.engine.boot.loader.ResourceMultiParentClassLoader) cannot be cast to javax.net.SocketFactory (loaded by <bootstrap>)]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:247)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)
... 128 more
Caused by: java.lang.ClassCastException: com.sap.security.core.server.https.SecureConnectionFactory (loaded by library:security.class@85328 com.sap.engine.boot.loader.ResourceMultiParentClassLoader) cannot be cast to javax.net.SocketFactory (loaded by <bootstrap>)
at com.sun.jndi.ldap.Connection.getSocketFactory(Connection.java:330)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:296)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:224)
... 138 more
Our class SecureConnectionFactory does not implement interface javax.net.SocketFactory.
This was not necessary before 8u401. With 8u401, we see this issue.
For us it looks like with the backport ofJDK-8314063 a snippet of JDK-8048175,
a change from jdk9, sneaked in:
src/share/classes/com/sun/jndi/ldap/Connection.java:
- Class<?> socketFactoryClass = Obj.helper.loadClass(socketFactory);
+ Class<? extends SocketFactory> socketFactoryClass =
+ (Class<? extends SocketFactory>) Obj.helper.loadClass
+ (socketFactory);
It is unclear to us whether implementing SocketFactory is required in 8.
All we found about this is https://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html.
ObviouslyJDK-8048175 enforces this since jdk9, but for 8 it looks as an regression.
If this change was intended, a release note would have been useful.
Caused by: javax.naming.CommunicationException: cefrlb-eas33.ce.sdxcorp.net:636 [Root exception is java.lang.ClassCastException: com.sap.security.core.server.https.SecureConnectionFactory (loaded by library:security.class@85328 com.sap.engine.boot.loader.ResourceMultiParentClassLoader) cannot be cast to javax.net.SocketFactory (loaded by <bootstrap>)]
at com.sun.jndi.ldap.Connection.<init>(Connection.java:247)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:137)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1615)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2847)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)
... 128 more
Caused by: java.lang.ClassCastException: com.sap.security.core.server.https.SecureConnectionFactory (loaded by library:security.class@85328 com.sap.engine.boot.loader.ResourceMultiParentClassLoader) cannot be cast to javax.net.SocketFactory (loaded by <bootstrap>)
at com.sun.jndi.ldap.Connection.getSocketFactory(Connection.java:330)
at com.sun.jndi.ldap.Connection.createSocket(Connection.java:296)
at com.sun.jndi.ldap.Connection.<init>(Connection.java:224)
... 138 more
Our class SecureConnectionFactory does not implement interface javax.net.SocketFactory.
This was not necessary before 8u401. With 8u401, we see this issue.
For us it looks like with the backport of
a change from jdk9, sneaked in:
src/share/classes/com/sun/jndi/ldap/Connection.java:
- Class<?> socketFactoryClass = Obj.helper.loadClass(socketFactory);
+ Class<? extends SocketFactory> socketFactoryClass =
+ (Class<? extends SocketFactory>) Obj.helper.loadClass
+ (socketFactory);
It is unclear to us whether implementing SocketFactory is required in 8.
All we found about this is https://docs.oracle.com/javase/jndi/tutorial/ldap/security/ssl.html.
Obviously
If this change was intended, a release note would have been useful.
- relates to
-
JDK-8315240 The socket is not closed in Connection::createSocket when the handshake failed for LDAP connection
-
- Resolved
-
-
-
- Resolved
-
-
-
- Closed
-