anonymous access in ldap ------------------------ Key: JBPORTAL-2272 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2272 Project: JBoss Portal Issue Type: Bug Security Level: Public (Everyone can see) Components: Portal Identity Affects Versions: Identity-1.0.3 Environment: jboss portal 2.7.0 final in jboss 4.2.3.GA Reporter: Luca Stancapiano Assignee: Luca Stancapiano Fix For: Identity-1.1 using org.jboss.portal.identity.ldap.LDAPConnectionContext to log into the portal with LDAP I see that anonymous access is not supported. Many customers don't permit authenticated access to own ldap server. If I set into conf/ldap_identity-config.xml a configuration as: <identity-configuration> <datasources> <datasource> ................ <option> <name>adminDN</name> <value></value> </option> <option> <name>adminPassword</name> <value></value> </option> ................. </datasource> ....I receive adminDN and adminPassword values as null into org.jboss.portal.identity.ldap.LDAPConnectionContext code at row 100: env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN()); env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword()); so I get a NullPointerException and I cannot to login. We can modify this code in this manner: if (this.getAdminDN() != null) env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN()); if (this.getAdminPassword() != null) env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword()); So we get an anonymous access into the portal -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira