OpenDS and Sun JVM 1.6.0_21
By Ludo on Aug 04, 2010
Sun\^H\^H\^HOracle released an update to the Java Platform Standard Edition last month : JDK 6 Update 21.
Last week, both on #opends IRC channel and the users mailing list, we started to get questions on how to enable replication between 2 instances of OpenDS, because dsreplication was producing an error, stating that there was no base DNs available to enable replication between the 2 servers.
This was affecting the latest stable release of OpenDS (2.2.0) as well as the latest promoted-build and daily-builds.
After several exchanges and attempts to reproduce the problem, we found that the root cause was some changes in JDK 6 update 21, and more specifically in the parsing of the LDAP filters in JNDI. The new code has a stricter parsing and will mess with LDAP filters not surrounded by parentheses. " cn=Foo" is according to RFC 4515 not a valid filter whereas "(cn=Foo)" is.
There was one occurrence of an invalid filter in OpenDS internals, exercised when enabling replication for the first time. We fixed the issue (#4575) yesterday and starting with today's daily-build, you can use the latest version of the Java run-time with OpenDS.
We're looking at providing an updated version of the 2.2 version to solve this issue as well as a few other important corrections. No ETA for this though.