From 2e3ae7eddc42878d45c36f750ec7b26db7ecf91a Mon Sep 17 00:00:00 2001
From: michaeloffner <michaeloffner@users.noreply.github.com>
Date: Mon, 14 Oct 2024 11:43:00 +0200
Subject: [PATCH] LDEV-3079 - remove dependence on com.sun on classes no longer
 exist in java 21

---
 .../lucee/runtime/engine/CFMLEngineImpl.java  |  2 --
 .../runtime/functions/xml/XmlSearch.java      | 11 +-------
 .../lucee/runtime/net/ldap/LDAPClient.java    | 25 +++++++++----------
 loader/build.xml                              |  2 +-
 loader/pom.xml                                |  2 +-
 5 files changed, 15 insertions(+), 27 deletions(-)

diff --git a/core/src/main/java/lucee/runtime/engine/CFMLEngineImpl.java b/core/src/main/java/lucee/runtime/engine/CFMLEngineImpl.java
index bcefd86e24..ef473ffe9e 100644
--- a/core/src/main/java/lucee/runtime/engine/CFMLEngineImpl.java
+++ b/core/src/main/java/lucee/runtime/engine/CFMLEngineImpl.java
@@ -187,8 +187,6 @@ public final class CFMLEngineImpl implements CFMLEngine {
 
 	static {
 		System.setProperty("org.apache.commons.logging.Log", "org.apache.commons.logging.impl.NoOpLog");
-		System.setProperty("javax.xml.bind.context.factory", "com.sun.xml.bind.v2.ContextFactory");
-
 	}
 
 	public static final PrintStream CONSOLE_ERR = System.err;
diff --git a/core/src/main/java/lucee/runtime/functions/xml/XmlSearch.java b/core/src/main/java/lucee/runtime/functions/xml/XmlSearch.java
index 0239ea590f..bb1b13d3b9 100644
--- a/core/src/main/java/lucee/runtime/functions/xml/XmlSearch.java
+++ b/core/src/main/java/lucee/runtime/functions/xml/XmlSearch.java
@@ -56,16 +56,7 @@
  * Implements the CFML Function xmlsearch
  */
 public final class XmlSearch implements Function {
-	/*
-	 * static { System.setProperty("-Dorg.apache.xml.dtm.DTMManager",
-	 * "org.apache.xml.dtm.ref.DTMManagerDefault"); System.setProperty("org.apache.xml.dtm.DTMManager",
-	 * "org.apache.xml.dtm.ref.DTMManagerDefault");
-	 * System.setProperty("-Dcom.sun.org.apache.xml.internal.dtm.DTMManager",
-	 * "com.sun.org.apache.xml.internal.dtm.ref.DTMManagerDefault");
-	 * System.setProperty("com.sun.org.apache.xml.internal.dtm.DTMManager",
-	 * "com.sun.org.apache.xml.internal.dtm.ref.DTMManagerDefault"); }
-	 */
-	private static final long serialVersionUID = 5770611088309897382L;
+	static final long serialVersionUID = 5770611088309897382L;
 
 	private static List<String> operators = new ArrayList<String>();
 
diff --git a/core/src/main/java/lucee/runtime/net/ldap/LDAPClient.java b/core/src/main/java/lucee/runtime/net/ldap/LDAPClient.java
index 50f5b566a9..63ed9ed324 100644
--- a/core/src/main/java/lucee/runtime/net/ldap/LDAPClient.java
+++ b/core/src/main/java/lucee/runtime/net/ldap/LDAPClient.java
@@ -19,8 +19,6 @@
 package lucee.runtime.net.ldap;
 
 import java.io.IOException;
-import java.security.Provider;
-import java.security.Security;
 import java.util.Enumeration;
 import java.util.Hashtable;
 
@@ -38,7 +36,6 @@
 import javax.naming.ldap.InitialLdapContext;
 
 import lucee.commons.lang.ClassException;
-import lucee.commons.lang.ClassUtil;
 import lucee.commons.lang.StringUtil;
 import lucee.runtime.exp.PageException;
 import lucee.runtime.op.Caster;
@@ -127,33 +124,35 @@ public void setCredential(String username, String password) {
 	}
 
 	/**
-	 * sets the secure Level
+	 * Sets the secure level for the LDAP connection.
 	 * 
 	 * @param secureLevel [SECURE_CFSSL_BASIC, SECURE_CFSSL_CLIENT_AUTH, SECURE_NONE]
 	 * @throws ClassNotFoundException
 	 * @throws ClassException
 	 */
 	public void setSecureLevel(short secureLevel) throws ClassException {
-		// Security
+		// SSL basic security level
 		if (secureLevel == SECURE_CFSSL_BASIC) {
+			// Enabling SSL protocol for the connection
 			env.put("java.naming.security.protocol", "ssl");
-			env.put("java.naming.ldap.factory.socket", "javax.net.ssl.SSLSocketFactory");/* JAVJAK */
-			Class clazz = ClassUtil.loadClass("com.sun.net.ssl.internal.ssl.Provider");
 
-			try {
-				Security.addProvider((Provider) ClassUtil.newInstance(clazz));
-			}
-			catch (Exception e) {
-				throw new RuntimeException(e);
-			}
+			// Using the standard Java SSLSocketFactory for secure connections
+			env.put("java.naming.ldap.factory.socket", "javax.net.ssl.SSLSocketFactory");
 
+			// SSL client authentication level
 		}
 		else if (secureLevel == SECURE_CFSSL_CLIENT_AUTH) {
+			// Enabling SSL protocol and setting external client authentication
 			env.put("java.naming.security.protocol", "ssl");
 			env.put("java.naming.security.authentication", "EXTERNAL");
+
+			// No security (simple authentication)
 		}
 		else {
+			// Default simple authentication, no SSL
 			env.put("java.naming.security.authentication", "simple");
+
+			// Removing security-related configurations if not using SSL
 			env.remove("java.naming.security.protocol");
 			env.remove("java.naming.ldap.factory.socket");
 		}
diff --git a/loader/build.xml b/loader/build.xml
index f01397d6bb..a20ad36ff5 100644
--- a/loader/build.xml
+++ b/loader/build.xml
@@ -2,7 +2,7 @@
 <project default="core" basedir="." name="Lucee" 
   xmlns:resolver="antlib:org.apache.maven.resolver.ant">
 
-  <property name="version" value="6.1.1.97-SNAPSHOT"/>
+  <property name="version" value="6.1.1.98-SNAPSHOT"/>
 
   <taskdef uri="antlib:org.apache.maven.resolver.ant" resource="org/apache/maven/resolver/ant/antlib.xml">
     <classpath>
diff --git a/loader/pom.xml b/loader/pom.xml
index 81ca0a8d8e..92696fa7b1 100644
--- a/loader/pom.xml
+++ b/loader/pom.xml
@@ -3,7 +3,7 @@
 
   <groupId>org.lucee</groupId>
   <artifactId>lucee</artifactId>
-  <version>6.1.1.97-SNAPSHOT</version>
+  <version>6.1.1.98-SNAPSHOT</version>
   <packaging>jar</packaging>
 
   <name>Lucee Loader Build</name>