Bug
Resolution: Done
Blocker
7.1.0.DR10
Regression
When securing the management interface with LDAP in a security realm, if a nonexistent user is provided, EAP answers with a 500 HTTP status code. This is different behaviour compared to EAP 7.0, which returns 401. I think HTTP status code 401 is proper in this situation, because it is the client's fault (e.g. a typo in the username) and can be repaired on the client side.
10:49:18,745 TRACE [org.wildfly.security] (management task-10) Handling MechanismInformationCallback
10:49:18,746 TRACE [org.wildfly.security] (management task-10) Handling AvailableRealmsCallback: realms = [ldap-realm]
10:49:18,746 TRACE [org.wildfly.security] (management task-10) Handling RealmCallback: selected = [ldap-realm]
10:49:18,746 TRACE [org.wildfly.security] (management task-10) Handling NameCallback: authenticationName = anil
10:49:18,746 TRACE [org.wildfly.security] (management task-10) Name assigning: [anil], pre-realm rewritten: [anil], realm name: [PLAIN], post realm rewritten: [anil], realm rewritten: [anil]
10:49:18,746 TRACE [org.jboss.as.domain.management.security] (management task-10) Non caching search for 'anil'
10:49:18,746 TRACE [org.jboss.as.domain.management.security] (management task-10) Performing single level search
10:49:18,746 TRACE [org.jboss.as.domain.management.security] (management task-10) Searching for user 'anil' using filter '(uid={0})'.
10:49:18,746 TRACE [org.jboss.as.domain.management.security] (management task-10) Connecting to LDAP with properties ({java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldap://localhost.localdomain:10389, java.naming.security.principal=uid=admin,ou=system, java.naming.security.credentials=***, java.naming.referral=ignore})
10:49:18,749 WARN [org.apache.directory.server.core.api.interceptor.context.FilteringOperationContext] (pool-7-thread-1) Requested attribute dn does not exist in the schema, it will be ignored
10:49:18,750 TRACE [org.jboss.as.domain.management.security] (management task-10) User 'anil' not found in directory.
causes
- JBEAP-9343 Legacy ldap realm returns 401 if LDAP is unreachable (Closed)

is cloned by
- WFCORE-2258 500 return for nonexistent user in legacy ldap security realm (Resolved)

is duplicated by
- JBEAP-8584 Missing username in LDAP entry for legacy ldap realm returns 500 instead of 401 (Closed)

is incorporated by
- JBEAP-8874 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta6 (Closed)