Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

InitialDirContext caching old passwords till some *unknown* timeout expires  RSS feed

Neelesh Korade
Posts: 2
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

I tried searcing on the forum quite a lot but couldnt get the exact solution for this problem.

We have a plain java application (a standalone Java client). It is connecting to a LDAP server for authentication. The problem is the Java application authenticates the users on both, their current and the last (the previous one) password.

To explain it in greater detail, when the Java application is run once, it authenticates users on their passwords which are currently set on the LDAP server. Now if we change the user password on the LDAP server to some new password, the application still continues to authenticate the users with the old password for some *unknown* period of time.

There seems to be some credential cache somewhere being created with a time out.

Could someone help me figure out how to bypass the credential cache and/or set its time out period?

Any help will be greatly appreciated.

Note that, I have set the environment property Context.AUTHORITATIVE to "true".

Here's the Java code the applicaiton is using for authentication on LDAP server-
Hashtable hashEnv = new Hashtable();
String provider_url = "LDAP://tdldap:389";
String security_principal = "some_user@some_domain";
String password = "some_password";
hashEnv.put(Context.PROVIDER_URL, provider_url);
hashEnv.put(Context.SECURITY_CREDENTIALS, password);
hashEnv.put("", "false");
hashEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
hashEnv.put(LdapContext.CONTROL_FACTORIES, "com.sun.jndi.ldap.ControlFactory");
DirContext ctx = new InitialDirContext(hashEnv);
}catch(NamingException ex){
Don't get me started about those stupid light bulbs.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!