[JBoss JIRA] Created: (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
8:07 a.m.
LDAPIdentityStoreImpl not working when LDAP name contains "comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:09 a.m.
New subject: [JBoss JIRA] Updated: (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Georg Fleischer updated GTNPORTAL-1948:
---------------------------------------
Attachment: ActiveDirectoryAndreasMueller.PNG
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:09 a.m.
New subject: [JBoss JIRA] Updated: (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Georg Fleischer updated GTNPORTAL-1948:
---------------------------------------
Attachment: idm-ldap-bug.txt
Logfile attached
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:17 a.m.
New subject: [JBoss JIRA] Commented: (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz commented on GTNPORTAL-1948:
------------------------------------------------
Did you try with latest gatein trunk or recently released 3.2.0 M01? There were minor
changes in idm-configuration.xml but you should be albe to easily try with same picketlink
config. Cannot recall for sure but I think I fixed similar issue already.
If it is fixed there but you don't want to update to latest gatein then it should be
easy to just use latest component/identity + picketlink jars and newer identity config
files.
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:29 a.m.
New subject: [JBoss JIRA] Updated: (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz updated GTNPORTAL-1948:
-------------------------------------------
Fix Version/s: 3.2.0-M02
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Fix For: 3.2.0-M02
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
2:38 p.m.
New subject: [JBoss JIRA] (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz updated GTNPORTAL-1948:
-------------------------------------------
Fix Version/s: 3.2.0-CR01
(was: 3.2.0-Beta01)
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Fix For: 3.2.0-CR01
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:31 a.m.
New subject: [JBoss JIRA] (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz updated GTNPORTAL-1948:
-------------------------------------------
Fix Version/s: 3.2.0-GA
(was: 3.2.0-CR01)
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Fix For: 3.2.0-GA
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:05 p.m.
New subject: [JBoss JIRA] (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz updated GTNPORTAL-1948:
-------------------------------------------
Fix Version/s: 3.3.0.CR01
(was: 3.2.0-GA)
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Fix For: 3.3.0.CR01
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:31 a.m.
New subject: [JBoss JIRA] (GTNPORTAL-1948) LDAPIdentityStoreImpl not working when LDAP name contains "comma"
[
https://issues.jboss.org/browse/GTNPORTAL-1948?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz resolved GTNPORTAL-1948.
--------------------------------------------
Fix Version/s: 3.4.0.M01
(was: 3.4.0.Final)
Resolution: Done
I believe it is fixed in latest picketlink idm
LDAPIdentityStoreImpl not working when LDAP name contains
"comma"
-----------------------------------------------------------------
Key: GTNPORTAL-1948
URL: https://issues.jboss.org/browse/GTNPORTAL-1948
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: Identity integration
Affects Versions: 3.1.0-GA
Environment: Enterprise Portal Platform 5.1.0
CentOS 5.4
Microsoft Active Directory
Reporter: Georg Fleischer
Assignee: Boleslaw Dawidowicz
Labels: CN, IDM, LDAP, specialcharacters
Fix For: 3.4.0.M01
Attachments: ActiveDirectoryAndreasMueller.PNG, idm-ldap-bug.txt
Situation:
In our Active Directory the users were created with names containing a comma. For example
the user "Andreas Mueller" has the LDAP name "Mueller, Andreas" (see
attached screenshot).
I have configured the LDAP Identity store using the predefined configuration:
picketlink-idm-msad-readonly-config.xml
All groups and users are displayed correctly in the User- and Group Management of the
portal, but the users are not listed inside the groups.
Identified problem:
I tracked down the problem by enabling logging for the LDAPIdentityStoreImpl class and
gathered the log attached to this issue.
In my oppinion the problem lies between line 19 and line 20 in the log.
Method 'findIdentityObject' called with arguments: id; CN=Mueller\,
Andreas,OU=Stadt,OU=KOMM,OU=IDVSFDP_ORGS,DC=dus,DC=local;
Method 'findIdentityObject' called with arguments: name; Mueller\;
IdentityObjectType; SimpleIdentityObjectType{name='msad_roles_type'};
I seems that the correct CN is found, but in the next line the escaped comma was not
recognized. Instead of "Mueller\, Andreas" only the name "Mueller\" is
used for search. And this user does not exist.
Kind regards,
Georg Fleischer
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
4513
days inactive
4908
days old
8 comments
3 participants
participants (3)
-
Boleslaw Dawidowicz (JIRA) -
Boleslaw Dawidowicz (Updated) (JIRA)
-
Georg Fleischer (JIRA)