Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.DR16
Affects Version/s: 7.1.0.DR13
Component/s: Security
Labels:
- authentication
- eap71_beta
- ldap
- legacy

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/wildfly-security-incubator/wildfly-core/pull/103
Steps to Reproduce:
Hide

1) Start server

./standalone.sh

2) Configure server with CLI

/core-service=management/ldap-connection=ldapConnection:add(url="ldap://localhost:10389", search-credential="secret", search-dn="uid=admin,ou=system") /core-service=management/security-realm=ldap-realm:add() /core-service=management/security-realm=ldap-realm/authentication=ldap:add(connection=ldapConnection, base-dn="ou=People,dc=jboss,dc=org", username-attribute=uid) /core-service=management/management-interface=http-interface:write-attribute(name=security-realm, value=ldap-realm) reload

3) Access http://localhost:9990/management?operation=attribute&name=server-state in browser and provide credentials
4) Instead of 401 status code 500 is returned
Show
1) Start server ./standalone.sh 2) Configure server with CLI /core-service=management/ldap-connection=ldapConnection:add(url= "ldap: //localhost:10389" , search-credential= "secret" , search-dn= "uid=admin,ou=system" ) /core-service=management/security-realm=ldap-realm:add() /core-service=management/security-realm=ldap-realm/authentication=ldap:add(connection=ldapConnection, base-dn= "ou=People,dc=jboss,dc=org" , username-attribute=uid) /core-service=management/management- interface =http- interface :write-attribute(name=security-realm, value=ldap-realm) reload 3) Access http://localhost:9990/management?operation=attribute&name=server-state in browser and provide credentials 4) Instead of 401 status code 500 is returned

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

In EAP 7.0 legacy ldap realm returns 401 if LDAP server is unreachable.
In EAP 7.1 it changed to 500. QE and Dev aggreed it is more accure and documentation JIRA was created to cover this change ~~JBEAP-8125~~ .
Now again in DR13 legacy ldap realm returns 401 if LDAP server is unreachable

Based on prior Dev/QE agreement and current contradiction to documentation, I consider this to be a bug.

is caused by

JBEAP-8106 500 return for nonexistent user in legacy ldap security realm

Closed

is cloned by

WFCORE-2486 Legacy ldap realm returns 401 if LDAP is unreachable

Resolved

is incorporated by

JBEAP-9571 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta13

Closed

Assignee:: Darran Lofthouse

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2017/03/07 2:27 AM

Updated:: 2024/09/02 4:56 PM

Resolved:: 2017/03/31 8:19 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates