Uploaded image for project: 'JBoss Enterprise Application Platform 6'
  1. JBoss Enterprise Application Platform 6
  2. JBPAPP6-1513

LdapExtLoginModule adds the role name(s) also from the mapping object (either the login module or the documentation is wrong)

    Details

      Description

      LdapExtLoginModule adds role(s) also from the mapping object (found by roleFilter) in some cases (nesting == 0 && roleAttributeIsDN && roleNameAttributeID != null).

      The login module should only take role from the referenced object - the documentation says:
      roleAttributeID - Name of the attribute containing the user roles. If roleAttributeIsDN is set to true, this property is the DN of the context to query for the roleNameAttributeID attribute. If the roleAttributeIsDN property is set to false, this property is the attribute name of the role name.

      The problematic code is the first part of the while cycle in the org.jboss.security.auth.spi.LdapExtLoginModule.rolesSearch(InitialLdapContext, SearchControls, String, String, int, int) method.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  rdickens Russell Dickenson
                  Reporter:
                  jcacek Josef Cacek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: