Details

    • Steps to Reproduce:
      Hide

      Try to configure a security-realm with ldap authentication/authorization with empty base-dn attribute; you get
      "WFLYCTL0113: '' is an invalid value for parameter base-dn. Values must have a minimum length of 1 characters"

      Show
      Try to configure a security-realm with ldap authentication/authorization with empty base-dn attribute; you get "WFLYCTL0113: '' is an invalid value for parameter base-dn. Values must have a minimum length of 1 characters"
    • Affects:
      Compatibility/Configuration
    • Workaround:
      Workaround Exists
    • Workaround Description:
      Hide

      Custom ldap login module; change enterprise ldap users/groups to match a common base-dn

      Show
      Custom ldap login module; change enterprise ldap users/groups to match a common base-dn

      Description

      It is not possible to set the empty value for base-dn attribute in authentication->ldap element and in authorization>ldap>group-search->group-to-principal element.
      The empty value is the only valid option for java ldap searches to scan the entire ldap (the equivalent of RootDSE).

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                alberto.persello Alberto Persello
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: