Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-3653

Ldap*LoginModule fail to retrieve multiple role names when roleAttributeIsDN=true

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • JBossAS-4.0.5.GA
    • JBossAS-4.0.4.GA
    • Security
    • None

      For a schema like example2.ldif and a configuration like:
      testLdapExample22 {
      org.jboss.security.auth.spi.LdapExtLoginModule
      java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
      java.naming.provider.url="ldap://lamia/"
      java.naming.security.authentication=simple
      bindDN="cn=Root,dc=jboss,dc=org"
      bindCredential=secret1
      baseCtxDN="ou=People,o=example2,dc=jboss,dc=org"
      baseFilter="(uid=

      {0})"
      rolesCtxDN="ou=Roles,o=example2,dc=jboss,dc=org";
      roleFilter="(uid={0}

      )"
      roleAttributeID="memberOf"
      roleAttributeIsDN="true"
      roleNameAttributeID="cn"
      roleRecursion=0
      };

      Only one role is being pulled from the cn=EchoGroup,ou=Roles,o=example2,dc=jboss,dc=org context, rather the both EchoGroup and TheDuke as only one of the cn attribute values is retrieved.

        1. example2.ldif
          2 kB

            starksm64 Scott Stark (Inactive)
            starksm64 Scott Stark (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: