In previous versions of JBoss EAP 6, the username string returned by the JVM's LDAP code was wrapped in double quotes if it contained a 'slash' (/) character. This broke any further LDAP lookups, including those for authentication and role lookup.
This meant that users with a 'slash' character in their username were not able to successfully authenticate when using the LdapExtended login module.
In this version of the product, the double quotes are removed from the username returned from LDAP, and users with slashes in their usernames are correctly authenticated.
Description of problem:
LdapExtended login module does not handle a user that has a slash character in the uid.
For example, JBoss will fail to authenticate the following user correctly:
dn: uid=weird/user,ou=Users,dc=my-domain,dc=com
uid: weird/user
cn: Weird User
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Configure an application to use a security-domain that is set up to use the LdapExtended login module.
2. Create a user that contains a slash char ('/') in the uid.
3. Attempt to authenticate the user.
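
The quoting described above, reproduced offline with the JDK's own name classes. This is an added example, not code from JBoss EAP or from this report: the class SlashUidDemo and the helper toUserDn are hypothetical, and the quoted input is constructed from the sample entry in the report.

```java
import javax.naming.CompositeName;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class SlashUidDemo {

    // Hypothetical helper: turn the name JNDI hands back for a search hit
    // into a DN string usable for the follow-up bind and role search.
    static String toUserDn(String jndiName, String baseCtxDn) throws InvalidNameException {
        // JNDI uses '/' as the composite-name component separator, so an
        // LDAP name containing '/' is returned inside double quotes.
        // Parsing the value as a CompositeName undoes that quoting.
        CompositeName composite = new CompositeName(jndiName);
        if (composite.size() != 1) {
            // An unquoted '/' would split the name into several components;
            // refuse it rather than guess which part is the LDAP name.
            throw new InvalidNameException("expected one LDAP component: " + jndiName);
        }
        String relative = composite.get(0);
        // Parse the result as an LDAP name so a malformed DN is rejected
        // here instead of being sent to the directory server.
        return new LdapName(relative + "," + baseCtxDn).toString();
    }

    public static void main(String[] args) throws InvalidNameException {
        String base = "ou=Users,dc=my-domain,dc=com";
        // Constructed sample: the report's entry name as the page says it
        // was returned, wrapped in double quotes because of the slash.
        String quoted = "\"uid=weird/user\"";

        // Plain concatenation keeps the quotes inside the DN, which is the
        // string the later authentication and role lookups were given.
        System.out.println("naive   : " + quoted + "," + base);
        System.out.println("unquoted: " + toUserDn(quoted, base));
        // A name without a slash passes through unchanged.
        System.out.println("plain   : " + toUserDn("uid=plainuser", base));
    }
}
```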