[jboss-jira] [JBoss JIRA] (SECURITY-796) LdapExtended login module does not handle a user that has a slash character in the uid
Derek Horton (JIRA)
issues at jboss.org
Fri Feb 14 11:21:29 EST 2014
[ https://issues.jboss.org/browse/SECURITY-796?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Derek Horton updated SECURITY-796:
----------------------------------
Assignee: Stefan Guilhen (was: Darran Lofthouse)
Affects Version/s: PicketBox_4_0_20.Final
(was: Negotiation_2_2_5)
Component/s: PicketBox
(was: Negotiation)
> LdapExtended login module does not handle a user that has a slash character in the uid
> --------------------------------------------------------------------------------------
>
> Key: SECURITY-796
> URL: https://issues.jboss.org/browse/SECURITY-796
> Project: PicketBox
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: PicketBox
> Affects Versions: PicketBox_4_0_20.Final
> Reporter: Derek Horton
> Assignee: Stefan Guilhen
> Attachments: SECURITY-796.patch
>
>
> LdapExtended login module does not handle a user that has a slash character in the uid.
> For example, JBoss will fail to authenticate the following user correctly:
> dn: uid=weird/user,ou=Users,dc=my-domain,dc=com
> uid: weird/user
> cn: Weird User
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list