[jboss-jira] [JBoss JIRA] (SECURITY-796) LdapExtended login module does not handle a user that has a slash character in the uid
Derek Horton (JIRA)
issues at jboss.org
Thu Feb 20 11:57:48 EST 2014
[ https://issues.jboss.org/browse/SECURITY-796?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12946543#comment-12946543 ]
Derek Horton commented on SECURITY-796:
---------------------------------------
Patch committed to trunk:
https://svn.jboss.org/repos/picketbox/trunk
> LdapExtended login module does not handle a user that has a slash character in the uid
> --------------------------------------------------------------------------------------
>
> Key: SECURITY-796
> URL: https://issues.jboss.org/browse/SECURITY-796
> Project: PicketBox
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: PicketBox
> Affects Versions: PicketBox_4_0_20.Final
> Reporter: Derek Horton
> Assignee: Stefan Guilhen
> Attachments: SECURITY-796.patch
>
>
> LdapExtended login module does not handle a user that has a slash character in the uid.
> For example, JBoss will fail to authenticate the following user correctly:
> dn: uid=weird/user,ou=Users,dc=my-domain,dc=com
> uid: weird/user
> cn: Weird User
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list