Entries in dirmgr (1)

Wednesday
Dec162015

UnboundID LDAP SDK for Java 3.1.0

We have just released the 3.1.0 version of the UnboundID LDAP SDK for Java. It is available for download via the LDAP.com website or from GitHub, as well as in the Maven Central Repository. The release notes provide complete details about the changes in this release, but some of the major changes include:

  • Added the ability to launch command-line tools in an interactive mode, in which the user will be prompted for details needed to connect and authenticate to the target directory server (if applicable for that tool), as well as for any required arguments. The tool will then display a table allowing the user to customize values for all of the arguments, and the user can run the tool with the desired settings or merely display the non-interactive command line that would be used to run with those options.

  • Updated the LDAP debugger and in-memory directory server tools to provide the ability to automatically generate source code for any client requests that they receive. This can be helpful when porting existing LDAP-enabled applications to use the UnboundID LDAP SDK for Java.

  • Updated the LDAP connection pool to make it possible to configure a minimum available connection goal. If a goal is set, then the connection pool will try to maintain at least that many connections available for immediate use. This can help reduce the need to create new connections on demand under periods of heavy load.

  • Added support for LDIF translators that can be used to transform LDIF change records when reading from or writing to LDIF. These translators are particularly helpful when using multiple threads to read or write change records in parallel.

  • Improved compatibility with servers that don't support the most recent TLS implementation and don't correctly handle TLS client hello messages that reference the newer protocol.

  • Updated the LDAP connection pool health check mechanism to provide support for validating a connection after authentication has completed. It was previously only possible to verify a connection after it was established but before it was authenticated. Added a new health check implementation that can check for various password policy-related conditions (e.g., a password that has expired or is about to expire), and another new aggregate health check that can invoke several health checks as a single unit.

  • Improved the LDAP SDK's handling of connection timeouts so that an unsuccessful connection attempt is less likely to block for longer than the configured timeout.

  • Deprecated the LDAPConnectionOptions auto-reconnect option. This option has always been very fragile and useful only in very limited circumstances. The functionality is still present (and will continue to be available in) the LDAP SDK, but applications are strongly recommended to use a connection pool, even when only a single connection is needed, because it provides much better and more reliable support for dealing with connectivity problems.

  • Added support for specifying a number of additional options when authenticating with the GSSAPI SASL mechanism, including the ability to obtain credentials from a keytab.

  • Added a new Entry.applyModifyDN method that can update the client-side representation of entry to reflect the changes that would be applied by a given modify DN operation. This updates both the entry DN and the corresponding attribute values in the entry.

  • Updated the in-memory directory server and the LDAP listener framework to make it possible to configure a maximum number of concurrent connections. You can also specify an entry to use as the in-memory directory server's root DSE.