Bug 1065515

Summary: [GSS] (6.2.x) AdvancedLdap login module does not handle a user that has a slash character in the uid
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Derek Horton <dehort>
Component: SecurityAssignee: Dominik Pospisil <dpospisi>
Status: CLOSED CURRENTRELEASE QA Contact: Josef Cacek <jcacek>
Severity: unspecified Docs Contact: Russell Dickenson <rdickens>
Priority: unspecified    
Version: 6.1.0CC: bmaxwell, cdewolf, jawilson, olukas, smumford
Target Milestone: CR2   
Target Release: EAP 6.2.2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1065476 Environment:
Last Closed: 2014-06-02 12:50:37 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1065476    
Bug Blocks: 1049365, 1065448, 1065513    

Description Derek Horton 2014-02-14 20:22:01 UTC 
+++ This bug was initially created as a clone of Bug #1065476 +++

Description of problem:

AdvancedLdap login module does not handle a user that has a slash character in the uid.

For example, JBoss will fail to authenticate the following user correctly:

dn: uid=weird/user,ou=Users,dc=my-domain,dc=com
uid: weird/user
cn: Weird User

https://issues.jboss.org/browse/SECURITY-795

--- Additional comment from Derek Horton on 2014-02-14 13:28:34 EST ---

PR for upstream:
https://github.com/wildfly/jboss-negotiation/pull/2
Comment 2 JBoss JIRA Server 2014-02-19 19:11:34 UTC 
Darran Lofthouse <darran.lofthouse> updated the status of jira SECURITY-795 to Resolved
Comment 4 Ondrej Lukas 2014-03-04 10:20:19 UTC 
Verified on EAP 6.2.2.CR2.