Bug
Resolution: Done
Major
According to the LDAP specification [1], a DN can contain a slash char without escaping, an escaped backslash, etc.
I am not able to log in to the management console with the username "Slash/Char" or "Back\Slash". But I should be able to log in there.
I can see this in Wireshark:
Slash/Char
LDAPMessage bindRequest(1) ""uid=Slash/Char",ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org" simple
LDAPMessage bindResponse(1) invalidDNSyntax (Incorrect DN given : "uid=Slash/Char",ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org (0x22 0x75 0x69 0x64 0x3D 0x53 0x6C 0x61 0x73 0x68 0x2F 0x43 0x68 0x61 0x72 0x2
You can see quotation marks around uid=Slash/Char there.
Back\Slash
LDAPMessage bindRequest(1) "uid=Back\\\Slash,ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org" simple
LDAPMessage bindResponse(1) invalidDNSyntax (Incorrect DN given : uid=Back\\\Slash,ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org (0x75 0x69 0x64 0x3D 0x42 0x61 0x63 0x6B 0x5C 0x5C 0x5C 0x53 0x6C 0x61 0x73 0x6
You can see three backslash chars there.
In my opinion, the problem can be somewhere around this:
javax.naming.NameImpl.stringifyComp(String comp)
clones: JBEAP-2903 (7.4.z) User with slash or backslash char in LDAP name cannot log in through security-realm (Verified)
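An added example, not part of the original report or the project's code: it checks the leading RDN of the two captured bind DNs against the RFC 4514 string form and builds the escaped DN each user name would need. `user_dn` and `first_rdn_error` are hypothetical names, and taking RFC 4514 as the governing grammar is an assumption.

```python
import re

# Characters RFC 4514 requires to be backslash-escaped anywhere in a value.
SPECIAL = '"+,;<>\\'
# Base DN and the two bind DNs as they appear in the captures in this report.
BASE = "ou=People,o=LdapRealmSpecialNameManualTest7d339efa,o=primary,dc=jboss,dc=org"
CAPTURED = ['"uid=Slash/Char",' + BASE, "uid=Back\\\\\\Slash," + BASE]


def escape_value(value):
    """Escape a raw attribute value for the RFC 4514 string form of a DN."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        if ch == "\x00":
            out.append("\\00")
        elif ch in SPECIAL or edge:
            out.append("\\" + ch)
        else:
            out.append(ch)  # '/' is not special, so it passes through as-is
    return "".join(out)


def user_dn(username):
    """Build the bind DN for a user name (hypothetical helper)."""
    return "uid=" + escape_value(username) + "," + BASE


def first_rdn_error(dn):
    """Return None if the leading RDN is well-formed, else the reason."""
    attr, sep, rest = dn.partition("=")
    if not sep or not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)*", attr):
        return "bad attribute type %r" % attr
    i = 0
    while i < len(rest) and rest[i] not in ",+":
        if rest[i] == "\\":
            nxt = rest[i + 1:i + 3]
            if nxt[:1] and nxt[:1] in SPECIAL + " #=":
                i += 2  # backslash followed by an escapable character
            elif re.fullmatch(r"[0-9A-Fa-f]{2}", nxt):
                i += 3  # backslash followed by a hex pair
            else:
                return "bad escape %r" % rest[i:i + 2]
        elif rest[i] in '";<>\x00':
            return "unescaped %r" % rest[i]
        else:
            i += 1
    return None
```

Both captured DNs fail this check (a leading quotation mark in the attribute type, and a third backslash that escapes nothing), while `user_dn("Slash/Char")` and `user_dn("Back\\Slash")` pass.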