[jboss-jira] [JBoss JIRA] Created: (JBPORTAL-2272) anonymous access in ldap
Luca Stancapiano (JIRA)
jira-events at lists.jboss.org
Tue Jan 6 06:19:14 EST 2009
anonymous access in ldap
------------------------
Key: JBPORTAL-2272
URL: https://jira.jboss.org/jira/browse/JBPORTAL-2272
Project: JBoss Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Portal Identity
Affects Versions: Identity-1.0.3
Environment: jboss portal 2.7.0 final in jboss 4.2.3.GA
Reporter: Luca Stancapiano
Assignee: Luca Stancapiano
Fix For: Identity-1.1
using org.jboss.portal.identity.ldap.LDAPConnectionContext to log into the portal with LDAP I see that anonymous access is not supported. Many customers don't permit authenticated access to own ldap server. If I set into conf/ldap_identity-config.xml a configuration as:
<identity-configuration>
<datasources>
<datasource>
................
<option>
<name>adminDN</name>
<value></value>
</option>
<option>
<name>adminPassword</name>
<value></value>
</option>
.................
</datasource>
....I receive adminDN and adminPassword values as null into org.jboss.portal.identity.ldap.LDAPConnectionContext code at row 100:
env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN());
env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword());
so I get a NullPointerException and I cannot to login. We can modify this code in this manner:
if (this.getAdminDN() != null)
env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN());
if (this.getAdminPassword() != null)
env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword());
So we get an anonymous access into the portal
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list