Uploaded image for project: 'JBoss Enterprise Application Platform 4 and 5'
  1. JBoss Enterprise Application Platform 4 and 5
  2. JBPAPP-5974 Update to JBoss Security 2.0.4.SP7
  3. JBPAPP-5940

parseRoleNameFromDN functionality is missing from LdapExtLoginModule in EAP 5.1.0

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Major Major
    • EAP_EWP 5.1.1
    • EAP_EWP 5.1.0
    • Security
    • None
    • Regression
    • LdapExtLoginModule queried LDAP for the roleNameAttributeID instead of checking the returned distinguished name. This was slow. To improve performance, a parseRoleNameFromDN option has been added to the module.
    • Documented as Resolved Issue

      The parseRoleNameFromDN functionality is missing from the LdapExtLoginModule in EAP 5.1.0. This is causing customers LDAP authentication to be slow.

      Issue is a duplicate of the following:
      https://issues.jboss.org/browse/ASPATCH-287
      https://issues.jboss.org/browse/JBAS-4619
      https://issues.jboss.org/browse/JBPAPP-607

      Issue was resolved in 4.0.5 and 4.3.0. Customer needs the fix applied to EAP 5.1.0.

      From ASPATCH-287:
      Improve the performance of the LdapExtLoginModule by adding a parseRoleNameFromDN option or check the returned DN to see if it already includes the roleNameAttributeID, and if it does, parse the roleNameAttributeID from the DN rather than querying LDAP for the roleNameAttributeID.

              anil.saldhana Anil Saldanha (Inactive)
              rhn-support-dehort Derek Horton
              Laura Bailey Laura Bailey
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: