[jboss-jira] [JBoss JIRA] Updated: (JBPORTAL-2272) anonymous access in ldap

Luca Stancapiano (JIRA) jira-events at lists.jboss.org
Tue Jan 6 06:23:04 EST 2009 

     [ https://jira.jboss.org/jira/browse/JBPORTAL-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Luca Stancapiano updated JBPORTAL-2272:
---------------------------------------

    Environment: identity module from https://svn.jboss.org/repos/portal/modules/identity/trunk , jboss portal 2.7.0 final in jboss 4.2.3.GA  (was: jboss portal 2.7.0 final in jboss 4.2.3.GA)


> anonymous access in ldap
> ------------------------
>
>                 Key: JBPORTAL-2272
>                 URL: https://jira.jboss.org/jira/browse/JBPORTAL-2272
>             Project: JBoss Portal
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Portal Identity
>    Affects Versions: Identity-1.0.3
>         Environment: identity module from https://svn.jboss.org/repos/portal/modules/identity/trunk , jboss portal 2.7.0 final in jboss 4.2.3.GA
>            Reporter: Luca Stancapiano
>            Assignee: Luca Stancapiano
>             Fix For: Identity-1.1
>
>
> using org.jboss.portal.identity.ldap.LDAPConnectionContext to log into the portal with LDAP I see that anonymous access is not supported. Many customers don't permit authenticated access to own ldap server. If I set into conf/ldap_identity-config.xml a configuration as:
> <identity-configuration>
>    <datasources>
>       <datasource>
>             ................
>             <option>
>                <name>adminDN</name>
>                <value></value>
>             </option>
>             <option>
>                <name>adminPassword</name>
>                <value></value>
>             </option>
>             .................
>           </datasource>
> ....I receive adminDN and adminPassword values as null into org.jboss.portal.identity.ldap.LDAPConnectionContext code at row 100:
>          env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN());
>          env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword());
> so I get a NullPointerException and I cannot to login. We can modify this code in this manner:
>       if (this.getAdminDN() != null)
>          env.put(Context.SECURITY_PRINCIPAL, this.getAdminDN());
>       if (this.getAdminPassword() != null)
>          env.put(Context.SECURITY_CREDENTIALS, this.getAdminPassword());
> So we get an anonymous access into the portal

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list