[jboss-jira] [JBoss JIRA] (WFLY-6037) User with Slash char in LDAP name cannot log in through security-realm

Hynek Švábek (JIRA) issues at jboss.org
Wed Jan 20 03:31:00 EST 2016


Hynek Švábek created WFLY-6037:
----------------------------------

             Summary: User with Slash char in LDAP name cannot log in through security-realm
                 Key: WFLY-6037
                 URL: https://issues.jboss.org/browse/WFLY-6037
             Project: WildFly
          Issue Type: Bug
          Components: Security
            Reporter: Hynek Švábek
            Assignee: Darran Lofthouse


According to the LDAP specification [1], a DN can contain a slash character without escaping, etc.

I am not able to log in to the management console with the username "Slash/Char". But I should be able to log in there.

I can see this in Wireshark:
{code}
LDAPMessage bindRequest(1) ""uid=Slash/Char",ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org" simple
LDAPMessage bindResponse(1) invalidDNSyntax (Incorrect DN given : "uid=Slash/Char",ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org (0x22 0x75 0x69 0x64 0x3D 0x53 0x6C 0x61 0x73 0x68 0x2F 0x43 0x68 0x61 0x72 0x2
{code}

You can see the quotation marks around *uid=Slash/Char* there.

In my opinion, the problem could be somewhere around this:
{code}
javax.naming.NameImpl.stringifyComp(String comp)
{code}


[1] https://tools.ietf.org/html/rfc2253#section-3



--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
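
Added illustration, not part of the original report and not WildFly code: a `javax.naming.CompositeName` treats `/` as its component separator and quotes any component that contains one, which yields quotation marks like those in the capture. The class name, helper names, shortened DN, and the concatenation step are assumptions made for this example.

```java
import javax.naming.CompositeName;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class SlashInDnExample {
    // Constructed sample values, shortened from the DN in the report.
    static final String RELATIVE_NAME = "uid=Slash/Char";
    static final String BASE_DN = "ou=People,dc=jboss,dc=org";

    /** Render a name the way a JNDI composite name does ('/' separates components). */
    static String toCompositeString(String component) throws InvalidNameException {
        // add() stores the string as a single component; toString() wraps it
        // in quotes because it contains the composite separator '/'.
        return new CompositeName().add(component).toString();
    }

    /** Undo the composite-name quoting to get the plain LDAP name back. */
    static String fromCompositeString(String composite) throws InvalidNameException {
        CompositeName name = new CompositeName(composite);
        return name.isEmpty() ? "" : name.get(0);
    }

    public static void main(String[] args) throws InvalidNameException {
        String composite = toCompositeString(RELATIVE_NAME);
        System.out.println("composite form : " + composite);

        // Assumption for illustration: appending the base DN to the composite
        // string keeps the quotes, giving the DN shape seen in the bind request.
        System.out.println("quoted bind DN : " + composite + "," + BASE_DN);

        // Unwrapping the composite name first gives a DN that LdapName
        // parses as an RFC 2253 name with the slash intact.
        String bindDn = fromCompositeString(composite) + "," + BASE_DN;
        LdapName parsed = new LdapName(bindDn);
        System.out.println("unwrapped DN   : " + parsed);
        // Index size()-1 is the leftmost RDN in an LdapName.
        System.out.println("first RDN value: " + parsed.getRdn(parsed.size() - 1).getValue());
    }
}
```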