Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-847

LdapExtLoginModule rolesSearch yields Decode Error

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Unresolved
    • Major
    • None
    • PicketBox_4_0_21.Beta1
    • PicketBox

    Description

      Migrating an application using LdapExtLoginModule from jboss-4.2.3.GA to wildfly-8.1

      Encountered a problem with ldap roles search:

      javax.naming.NamingException: [LDAP: error code 1 - Decode Error in response from BE (backend problem)]; remaining name 'ou=

      debugging and comparing result:

      jboss-4.2.3.GA LdapExtLoginModule does set javax.naming.directory.SearchControls.setReturningAttributes for role search:

      jboss-4.2.3.GA LdapExtLoginModule
               SearchControls constraints = new SearchControls();
         constraints.setSearchScope(searchScope);
         constraints.setReturningAttributes(new String[0]);
         constraints.setTimeLimit(searchTimeLimit);
         rolesSearch(ctx, constraints, username, userDN, recursion, 0);

      wildfly-8.1 picketbox-4.0.21.Beta1.jar LdapExtLoginModule does NOT set javax.naming.directory.SearchControls.setReturningAttributes for role search:

      wildfly-8.1 LdapExtLoginModule
               // Query for roles matching the role filter
         SearchControls constraints = new SearchControls();
         constraints.setSearchScope(searchScope);
         constraints.setTimeLimit(searchTimeLimit);
         rolesSearch(ctx, constraints, username, userDN, recursion, 0);

      Attachments

        Activity

          People

            pskopek@redhat.com Peter Skopek
            work_registries John Doe (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: