Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

LDAP Java client - Old password being cached

 
Jaikiran Pai
Marshal
Pie
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
We have an application which is trying to do LDAP authentication. We are using Active Directory for the same. The code is pretty simple and works fine:
User is able to login successfully with the correct password. However if the user's password is changed on the LDAP server, the above code is still able to login the user with the old password as well as the new password. Looks like some caching is coming into picture. Initially, i thought that this behaviour has something to do with the com.sun.jndi.ldap.connect.pool value being set to true in the code, but this tutorial mentions that the connection pool is per JVM, so i am not sure how caching would be done across JVMs. All the same we even tried setting that value to false, but the results are the same. The user is able to login with the old password as well as the new password. Any idea as to what setting has to used to prevent this behaviour.

P.S: I am not sure whether this is the right forum to post this question but couldnt find a more appropriate one. If the moderators think there's a better forum where this could be answered, please move it there.
 
Jaikiran Pai
Marshal
Pie
Posts: 10447
227
IntelliJ IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
After much googling, found these 2 links which mention that this issue relates to Active Directory being installed on Windows Server 2003 SP1 or higher versions:

Section "Password change issue with Active Directory on Windows 2003" at:
Issue with password change in Active Directory

Article at Microsoft Support

Apparently, the registry has to be changed to change the old password timeout value. Havent been able to find a programatic way of doing this.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic