[JBPAPP-5940] parseRoleNameFromDN functionality is missing from LdapExtLoginModule in EAP 5.1.0 - JBoss Issue Tracker

XML

Word

Printable

Details

Type: Sub-task
Status: Closed (View Workflow)
Priority: Major
Resolution: Done
Affects Version/s: EAP_EWP 5.1.0
Fix Version/s: EAP_EWP 5.1.1
Component/s: Security
Labels:
None

Affects Testing:

Regression
Release Notes Text:
LdapExtLoginModule queried LDAP for the roleNameAttributeID instead of checking the returned distinguished name. This was slow. To improve performance, a parseRoleNameFromDN option has been added to the module.
Release Notes Docs Status:
Documented as Resolved Issue

Description

The parseRoleNameFromDN functionality is missing from the LdapExtLoginModule in EAP 5.1.0. This is causing customers LDAP authentication to be slow.

Issue is a duplicate of the following:
https://issues.jboss.org/browse/ASPATCH-287
https://issues.jboss.org/browse/JBAS-4619
https://issues.jboss.org/browse/JBPAPP-607

Issue was resolved in 4.0.5 and 4.3.0. Customer needs the fix applied to EAP 5.1.0.

From ~~ASPATCH-287~~:
Improve the performance of the LdapExtLoginModule by adding a parseRoleNameFromDN option or check the returned DN to see if it already includes the roleNameAttributeID, and if it does, parse the roleNameAttributeID from the DN rather than querying LDAP for the roleNameAttributeID.

Gliffy Diagrams

Attachments

Activity

People

Assignee:

Anil Saldanha

Reporter:

Derek Horton

Writer:

Laura Bailey

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

15/Feb/11 11:13 AM

Updated:

20/Apr/11 5:56 AM

Resolved:

22/Feb/11 3:21 PM