Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: JBossAS-4.0.5.GA, JBossAS-5.0.0.Beta4
Affects Version/s: JBossAS-4.0.3 SP1
Component/s: Security
Labels:
None

SFDC Cases Counter:
SFDC Cases Links:

Description

File: /jbosssx/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java (revision 1.7)
Method: protected void rolesSearch(InitialLdapContext ctx, SearchControls constraints, String user, String userDN, int recursionMax, int nesting)
Line: 407 "String dn = sr.getName() + "," + rolesCtxDN;"

Summary:
Under some conditions the string returned by sr.getName() may include inverted commas ("). When the dn variable is created by concatenating sr.getName() with rolesCtxDN the inverted comma is placed in the middle of the dn string. When ctx.getAttributes(dn, attrNames) is called (on line 409) an InvalidNameException is thrown. The exception is generated by the javax.naming.NameImpl, reporting "close quote appears before end of component".

Conditions:
This problem seems to occur when a '/' character is present in the name of the search result. In other words, under MS active directory if the name is of the form 'abc/def' it will be returned surrounded by inverted commas ie '"abc/def"'.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

ldap-jboss.patch
1 kB
2006/08/11 9:56 AM

Activity

People

Assignee:: Anil Saldanha (Inactive)

Reporter:: johnstok - (Inactive)

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2006/07/27 7:25 AM

Updated:: 2007/01/10 11:59 AM

Resolved:: 2006/08/17 10:45 AM