[jboss-jira] [JBoss JIRA] (SECURITY-700) CLONE - AdvancedLdapLoginModule behavior should be aligned with LdapExtLoginModule

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Thu Oct 11 09:45:03 EDT 2012 

     [ https://issues.jboss.org/browse/SECURITY-700?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse resolved SECURITY-700.
---------------------------------------

      Assignee: Darran Lofthouse  (was: Anil Saldhana)
    Resolution: Rejected


No it should not be aligned, it is a new login module so has it's own implementation - as described before one of these changes is better handling of recursion.  If users want LdapExt behaviour then use LdapExt.
                
> CLONE - AdvancedLdapLoginModule behavior should be aligned with LdapExtLoginModule
> ----------------------------------------------------------------------------------
>
>                 Key: SECURITY-700
>                 URL: https://issues.jboss.org/browse/SECURITY-700
>             Project: PicketBox 
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>          Components: Negotiation
>            Reporter: Josef Cacek
>            Assignee: Darran Lofthouse
>
> AdvancedLdapLoginModule is based on LdapExtLoginModule, but behavior differs for some configurations.
> Testcase
> https://github.com/kwart/jboss-as/blob/JBQA-5129-jboss-negotiation-master/testsuite/integration/basic/src/test/java/org/jboss/as/test/integration/security/loginmodules/negotiation/AdvancedLdapLoginModuleTestCase.java
> Failing test methods:
> 1) test2 - role mapping object (roleAttributeIsDN==true) is not used as a role object itself. I.e. jduke role is not assigned to jduke user by AdvancedLdapLoginModule. The LdapExtLoginModule includes the jduke role - the change was based on JBAS-3312
> 2) test4 - recursion in AdvancedLdapLoginModule is enabled only if the roleAttributeIsDN module option is true. This is not required in LdapExtLogiModule.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list