Bug 1065515 - [GSS] (6.2.x) AdvancedLdap login module does not handle a user that has a slash character in the uid
Summary: [GSS] (6.2.x) AdvancedLdap login module does not handle a user that has a sla...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR2
: EAP 6.2.2
Assignee: Dominik Pospisil
QA Contact: Josef Cacek
Russell Dickenson
URL:
Whiteboard:
Depends On: 1065476
Blocks: eap62-cp02-blockers 1065448 1065513
TreeView+ depends on / blocked
 
Reported: 2014-02-14 20:22 UTC by Derek Horton
Modified: 2014-06-02 12:50 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 1065476
Environment:
Last Closed: 2014-06-02 12:50:37 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker SECURITY-795 0 Major Resolved AdvancedLdap login module does not handle a user that has a slash character in the uid 2014-04-09 23:24:38 UTC

Description Derek Horton 2014-02-14 20:22:01 UTC 
+++ This bug was initially created as a clone of Bug #1065476 +++

Description of problem:

AdvancedLdap login module does not handle a user that has a slash character in the uid.

For example, JBoss will fail to authenticate the following user correctly:

dn: uid=weird/user,ou=Users,dc=my-domain,dc=com
uid: weird/user
cn: Weird User

https://issues.jboss.org/browse/SECURITY-795

--- Additional comment from Derek Horton on 2014-02-14 13:28:34 EST ---

PR for upstream:
https://github.com/wildfly/jboss-negotiation/pull/2
Comment 2 JBoss JIRA Server 2014-02-19 19:11:34 UTC 
Darran Lofthouse <darran.lofthouse> updated the status of jira SECURITY-795 to Resolved
Comment 4 Ondrej Lukas 2014-03-04 10:20:19 UTC 
Verified on EAP 6.2.2.CR2.
Note You need to log in before you can comment on or make changes to this bug.