Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1065486 - [GSS] (6.3.0) LdapExtended login module does not handle a user that has a slash character in the uid
Summary: [GSS] (6.3.0) LdapExtended login module does not handle a user that has a sla...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ER4
: EAP 6.3.0
Assignee: Derek Horton
QA Contact: Josef Cacek
Russell Dickenson
URL:
Whiteboard:
Depends On:
Blocks: 1067584 1067599
TreeView+ depends on / blocked
 
Reported: 2014-02-14 18:36 UTC by Derek Horton
Modified: 2018-12-05 17:18 UTC (History)
4 users (show)

Doc Type: Bug Fix
Doc Text:
In previous versions of JBoss EAP 6, user authentications would fail if the User ID (UID) contained a 'slash' character ('/'). This was because the LdapExtended login module did not handle the character correctly. In this release of the product the module has been updated and now removes quotes from the user DN before binding. This resolves the issue and users can authenticate as expected.
Clone Of:
Environment:
Last Closed: 2014-06-28 15:43:11 UTC
Type: Bug


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
JBoss Issue Tracker SECURITY-796 Major Resolved LdapExtended login module does not handle a user that has a slash character in the uid 2014-07-24 07:27:05 UTC

Description Derek Horton 2014-02-14 18:36:46 UTC
Description of problem:

LdapExtended login module does not handle a user that has a slash character in the uid.

For example, JBoss will fail to authenticate the following user correctly:

dn: uid=weird/user,ou=Users,dc=my-domain,dc=com
uid: weird/user
cn: Weird User

https://issues.jboss.org/browse/SECURITY-796

Comment 1 JBoss JIRA Server 2014-02-20 16:57:35 UTC
Derek Horton <dhorton@redhat.com> updated the status of jira SECURITY-796 to Resolved

Comment 5 Hynek Mlnarik 2014-05-14 15:51:17 UTC
Verified in 6.3.0.ER4

Comment 6 Nichola Moore 2014-05-15 05:02:10 UTC
Changed back to Known Issue as per 1097167. 

Doc text:

In previous versions of JBoss EAP 6, user authentications would fail if the User ID (UID) contained a 'slash' character ('/'). This was because the LdapExtended login module did not handle the character correctly. In this release of the product the module has been updated and now removes quotes from the user DN before binding. This resolves the issue and users can authenticate as expected.


Note You need to log in before you can comment on or make changes to this bug.