[jboss-jira] [JBoss JIRA] (WFLY-7316) LDAP referrals does not work for Elytron dir-context since value of dir-context.referral-mode is always ignored
Jan Kalina (JIRA)
issues at jboss.org
Fri Oct 14 09:27:01 EDT 2016
[ https://issues.jboss.org/browse/WFLY-7316?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13307233#comment-13307233 ]
Jan Kalina commented on WFLY-7316:
----------------------------------
By discussion, maybe there will be need to add "filter" attribute to the ldap-realm, similar like in ldap-key-store already is to work with referrals:
(|(objectClass=refferal)(uid={0}))
(will have to check yet if it helps, but by Ondřej it is solved in Picketbox by this way)
> LDAP referrals does not work for Elytron dir-context since value of dir-context.referral-mode is always ignored
> ---------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7316
> URL: https://issues.jboss.org/browse/WFLY-7316
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Ondrej Lukas
> Assignee: Jan Kalina
> Priority: Blocker
>
> Elytron dir-context is not able to follow/throw referrals in LDAP search. Value set in Elytron {{dir-context.referral-mode}} is ignored by Elytron.
> InitialLdapContext {{java.naming.referral}} parameter is internally always set to value {{ignore}}. It is caused by ignoring {{ReferralMode}} parameter in {{obtainDirContext}} of {{org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory}} [1].
> We request blocker flag since this issue causes that referrals cannot be used for LDAP search with Elytron.
> [1] https://github.com/wildfly-security/wildfly-elytron/blob/cb57f2f0ffcdb1470e3135007603c97679b9434f/src/main/java/org/wildfly/security/auth/realm/ldap/SimpleDirContextFactoryBuilder.java#L222
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list