  1. JBoss Enterprise Application Platform
  2. JBEAP-1313

Option roleRecursion does not work in LdapRolesMappingProvider


Details

    • Bug
    • Resolution: Done
    • Major
    • 7.0.0.ER2 (Beta)
    • 7.0.0.DR11
    • Security
    • None

      Use the following security domain configuration:

      <security-domain name="test">
          <authentication>
              <login-module code="UsersRoles" flag="required">
                  <module-option name="rolesProperties" value="roles.properties"/>
                  <module-option name="usersProperties" value="users.properties"/>
              </login-module>
          </authentication>
          <mapping>
              <mapping-module code="LdapRoles" type="role">
                  <module-option name="bindDN" value="uid=admin,ou=system"/>
                  <module-option name="bindCredential" value="secret"/>
                  <module-option name="java.naming.provider.url" value="ldap://localhost:10389"/>
                  <module-option name="roleFilter" value="member=uid\={0},ou\=People,dc\=jboss,dc\=org"/>
                  <module-option name="rolesCtxDN" value="ou=Roles,dc=jboss,dc=org"/>
                  <module-option name="roleAttributeID" value="cn"/>
                  <module-option name="roleRecursion" value="2"/>
              </mapping-module>
          </mapping>
      </security-domain>
      

    Description

      The roleRecursion option does not work in org.jboss.security.mapping.providers.role.LdapRolesMappingProvider. Only entries that can be found without recursion are returned. No recursive search is actually performed by LdapRolesMappingProvider, because the LdapRolesMappingProvider.rolesSearch method attempts the recursive search with the same parameters.
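
The effect described above, reproduced on a small in-memory model; this is an added example, not PicketBox code or code from this issue. It assumes role nesting is expressed as a role entry appearing in another role's member attribute and that roleRecursion counts levels beyond the direct match; the user jduke, the roles R1 to R4, and all method names are constructed for illustration.

```java
import java.util.*;

// Simplified in-memory model (constructed data, hypothetical names); not PicketBox code.
public class RoleRecursionDemo {
    // Constructed directory under ou=Roles: role entry DN -> DNs in its "member" attribute.
    static final Map<String, List<String>> ROLES = new LinkedHashMap<>();
    static {
        ROLES.put("cn=R1,ou=Roles,dc=jboss,dc=org", List.of("uid=jduke,ou=People,dc=jboss,dc=org"));
        ROLES.put("cn=R2,ou=Roles,dc=jboss,dc=org", List.of("cn=R1,ou=Roles,dc=jboss,dc=org"));
        ROLES.put("cn=R3,ou=Roles,dc=jboss,dc=org", List.of("cn=R2,ou=Roles,dc=jboss,dc=org"));
        ROLES.put("cn=R4,ou=Roles,dc=jboss,dc=org", List.of("cn=R3,ou=Roles,dc=jboss,dc=org"));
    }

    // Stand-in for one LDAP search: role entries whose member attribute holds memberDn.
    static List<String> search(String memberDn) {
        List<String> hits = new ArrayList<>();
        ROLES.forEach((dn, members) -> { if (members.contains(memberDn)) hits.add(dn); });
        return hits;
    }

    // Value of roleAttributeID (cn) taken from the leading RDN of a role entry DN.
    static String cn(String dn) { return dn.substring(3, dn.indexOf(',')); }

    // Behaviour described in the report: every nested call repeats the original query.
    static void sameParams(String userDn, int depth, int max, Set<String> out) {
        for (String roleDn : search(userDn)) {
            out.add(cn(roleDn));
            if (depth < max) sameParams(userDn, depth + 1, max, out);
        }
    }

    // Expected behaviour: the nested call looks for roles that contain the role just found.
    // The out.add() check also stops cycles between role entries.
    static void nested(String memberDn, int depth, int max, Set<String> out) {
        for (String roleDn : search(memberDn)) {
            if (out.add(cn(roleDn)) && depth < max) nested(roleDn, depth + 1, max, out);
        }
    }

    public static void main(String[] args) {
        String user = "uid=jduke,ou=People,dc=jboss,dc=org";
        Set<String> a = new TreeSet<>(), b = new TreeSet<>();
        sameParams(user, 0, 2, a);   // roleRecursion = 2, as in the configuration above
        nested(user, 0, 2, b);
        System.out.println("same parameters: " + a);
        System.out.println("nested search:   " + b);
    }
}
```

Comparing the two result sets against a directory fixture with known nesting is a direct regression check for this bug: the mapped roles should include the nested ones up to the configured depth and nothing beyond it.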

            People

              pskopek@redhat.com Peter Skopek
              olukas Ondrej Lukas (Inactive)