[jboss-jira] [JBoss JIRA] Commented: (JBPORTAL-1592) Backslashes not escaped correctly with ldap modules

Boleslaw Dawidowicz (JIRA) jira-events at lists.jboss.org
Mon Aug 20 17:11:19 EDT 2007 

    [ http://jira.jboss.com/jira/browse/JBPORTAL-1592?page=comments#action_12373013 ] 
            
Boleslaw Dawidowicz commented on JBPORTAL-1592:
-----------------------------------------------

Ok, few things here:

1) Your configuration was wrong
 - {1} does nothing. Only {0} is valid for roleSearchFilter
 - instead of '(&((member={1})(objectClass=groupOfNames))) ' it should be '(&((cn={0})(objectClass=groupOfNames)))'

Simply you are mixing two things here. RoleModule is responsible only for resolving roles and not user/role relationship. For this you should use proper MembershipModule (LDAPStaticGroupMembershipModuleImpl or LDAPStaticRoleMembershipModuleImpl) and correct 'membershipAttributeID' and 'membershipAttributeIsDN' (see in doc or look into standardidentity-config.xml file). Its all in the docs

2) Still... the issue you described was present, and the solution you proposed was quite a good one :) I was just missing proper use case to make valid test case. Currently uid  'jduke4, Duke' is part of testsuite. I also tested manualy with attached ldif.

Thanks!




> Backslashes not escaped correctly with ldap modules
> ---------------------------------------------------
>
>                 Key: JBPORTAL-1592
>                 URL: http://jira.jboss.com/jira/browse/JBPORTAL-1592
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal Identity
>    Affects Versions: 2.6 Final
>         Environment: Windows XP Professional, Jboss 4.3.0, JBoss_Portal_2_6_0 from svn
>            Reporter: Tobias Roth
>         Assigned To: Boleslaw Dawidowicz
>             Fix For: 2.8 Final, 2.6.2 Final
>
>         Attachments: demo.ldif, ldap_identity-config.xml
>
>
> LDAPRoleModule and LDAPExtRoleModule don't find roles associated with users, if the users DN contains a backslash, as it is frequent with Microsoft Active Directory.
> Example logfile excerpts and are given in the forum.
> I added a simple  filter = filter.replaceAll("\\\\", "\\\\\\\\"); in one place in LDAPExtRoleModuleImpl.java which fixed the thing for me. However, not knowing much of java, I don't know the correct place to add this, so that all cases are fixed.
> Thanks

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list