[jboss-jira] [JBoss JIRA] (WFLY-7305) Getting identity by DN in Elytron ldap-realm should be case insensitive
Ondrej Lukas (JIRA)
issues at jboss.org
Thu Oct 13 07:12:00 EDT 2016
Ondrej Lukas created WFLY-7305:
----------------------------------
Summary: Getting identity by DN in Elytron ldap-realm should be case insensitive
Key: WFLY-7305
URL: https://issues.jboss.org/browse/WFLY-7305
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Elytron ldap-realm allows to use DN as username (e.g. full {{uid=jduke,ou=People,dc=jboss,dc=org}} can be used instead of {{jduke}}). However implementation requires that used DN must start with rdn-identifier in the same case sensitivity as is used in server configuration. Otherwise authentication fails. It means when server configuration uses {{rdn-identifier=uid}} then only {{uid=jduke,...}} can be correctly used, {{UID=jduke,...}} will fail.
LDAP specification does not talk about case sensitivity of attributes, but most of LDAP servers work with attributes as case insensitive.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list