LDAP Referrals Returned To WebSphere Do Not Work With SSL

Technote (FAQ)
Problem
When an LDAP server returns a referral back to an application over a port other than 389 (the default LDAP port), such as 636 (the default SSL LDAP port), WebSphere always changes the port to 389.

WebSphere Security does not currently support LDAP referrals. They could be used by an application, but that application would need to be written to handle them.

An LDAP referral is basically the location of a remote LDAP server where the user we queried for is located (hostname.domain.com:port).
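
An added example, not IBM's or WebSphere's code: an application that handles referrals itself can parse the referral URL and refuse any connection whose port or SSL setting differs from what the LDAP server sent. The class and method names are hypothetical and the sample URL is constructed; it assumes the referral arrives as an ldap:// or ldaps:// URL and that Java 16 or later is used (for the record syntax).

```java
import java.net.URI;
import javax.naming.NamingException;
import javax.naming.ReferralException;

public class ReferralPortCheck {
    // Where a referral points: host, port and whether it asked for SSL.
    record Target(String host, int port, boolean ssl) {}

    // Parse a referral URL, keeping the port the server sent. The scheme
    // default (389 or 636) applies only when the URL carries no port.
    static Target parse(String referral) throws NamingException {
        URI u;
        try { u = URI.create(referral.trim()); }
        catch (IllegalArgumentException e) { throw new NamingException("bad referral URL: " + referral); }
        String scheme = u.getScheme() == null ? "" : u.getScheme().toLowerCase();
        boolean ssl = scheme.equals("ldaps");
        if ((!ssl && !scheme.equals("ldap")) || u.getHost() == null)
            throw new NamingException("not an LDAP referral URL: " + referral);
        int port = u.getPort() != -1 ? u.getPort() : (ssl ? 636 : 389);
        return new Target(u.getHost(), port, ssl);
    }

    // Refuse a connection that would not match the referral: a different
    // port, or plain LDAP where the referral asked for SSL.
    static void verify(Target t, int connectPort, boolean connectSsl) throws NamingException {
        if (connectPort != t.port() || (t.ssl() && !connectSsl))
            throw new NamingException("referral to " + t.host() + ":" + t.port()
                + " would be chased on port " + connectPort + (connectSsl ? " (SSL)" : " (no SSL)"));
    }

    // With Context.REFERRAL set to "throw", JNDI reports a referral as a
    // ReferralException and the application chooses the target itself.
    static Target fromException(ReferralException e) throws NamingException {
        return parse(String.valueOf(e.getReferralInfo()));
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample referral; the host name form is the technote's.
        Target t = parse("ldaps://hostname.domain.com:636/dc=example,dc=com");
        System.out.println(t);
        verify(t, 636, true);          // matches the referral
        try {
            verify(t, 389, false);     // the rewrite the technote describes
        } catch (NamingException ex) {
            System.out.println("rejected: " + ex.getMessage());
        }
    }
}
```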
Cause
This is a defect in the SUN JDK 1.3.1 and 1.4.1. It is fixed by SUN bug ID 4639896 in the 1.4.2 JDK.
Solution
The fix cannot be backported to the 1.3.1 or 1.4.1 JDK. The customer would have to use the 1.4.2 JDK in order to use LDAP referrals with WebSphere.
Related information
SUN bug ID 4639896 fixed at 1.4.2 JDK

Technote on LDAP referrals.

Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security
Operating system(s): Multi-Platform
Software version: 3.5, 4.0, 5.0, 5.1, 6.0
Software edition: Edition Independent
Reference #: 1175734
IBM Group: Software Group
Modified date: 2004-07-31