Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-1682

LDAP support: Roles in root context (empty searchBase) not supported

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • JBossAS-4.0.2 Final
    • JBossAS-4.0.1 SP1
    • Security
    • None

    Description

      Domino LDAP requires the roles to be read from the root context (empty search base).

      This fails at the moment because in org.jboss.security.auth.spi.LdapLoginModule, line 28x, there is

      if (rolesCtxDN != null)
      {
      ... process roles ...
      }

      This will not work with an empty rolesCtxDN.

      An entry like the following should do the trick, but actually won't work:

      login-config.xml/application policy:
      <module-option name="rolesCtxDN"></module-option>

      Attachments

        Issue Links

          is related to

          Feature Request - Feature requests from customers and/or users JBAS-1525 Generalize the LdapLoginModule user and roles search mechanism

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              starksm64 Scott Stark (Inactive)
              holger.willenborg_jira Holger Willenborg (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: