[jboss-jira] [JBoss JIRA] (ELY-922) Elytron ldap-realm does not handle loops in referrals
Jan Kalina (JIRA)
issues at jboss.org
Mon Feb 6 08:02:00 EST 2017
Jan Kalina created ELY-922:
------------------------------
Summary: Elytron ldap-realm does not handle loops in referrals
Key: ELY-922
URL: https://issues.jboss.org/browse/ELY-922
Project: WildFly Elytron
Issue Type: Bug
Components: Realms
Affects Versions: 1.1.0.Beta21
Reporter: Jan Kalina
Assignee: Jan Kalina
Priority: Critical
According to LDAP specification [1]: "Clients that follow referrals MUST ensure that they do not loop between servers. They MUST NOT repeatedly contact the same server for the same request with the same parameters.".
When application server is configured to use ldap-realm with dir-context which uses referral-mode=follow or throw and LDAP servers contain loop then it leads to infinite cycle. It can results to java.lang.OutOfMemoryError on EAP server.
[1] http://tools.ietf.org/html/rfc4511#section-4.1.10
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list